Hi Peter, What in this BIP makes a MITM attack easier (or easy) to detect, or increases the probability of one being detected?
e > On Jun 28, 2016, at 8:22 PM, Peter Todd <p...@petertodd.org> wrote: > > On Tue, Jun 28, 2016 at 06:45:58PM +0200, Eric Voskuil via bitcoin-dev wrote: >>> 1) Transaction censorship >>> ISPs, WIFI provider or any other MITM, can holdback/censor unconfirmed >>> transactions. Regardless if you are a miner or a validation/wallet node. >>> >>> 2) Peer censorship >>> MITM can remove or add entries from a "addr" message. >>> >>> 3) Fingerprinting >>> ISPs or any other MITM can intercept/inject fingerprinting relevant >>> messages like "mempool" to analyze the bitcoin network. >> >> Encryption alone cannot protect against a MITM attack in an anonymous and >> permissionless network. This is accepted in the BIP (and your follow-up >> reply). > > Being able to easily detect MITM attacks is a _huge_ step forward that > shouldn't be underestimated; even if 99% of users aren't in a position to > detect the MITM you only need a small subset of users that do the necessary > checks to alert the wider community, who can then respond with stronger > security measures. Those measures are likely to be more costly - authenticated > systems are significantly harder than not - so better to save your efforts > until the need for them is more obvious. > > Also the fact that an attack has a reasonable probability of detection is a > big > disincentive for many types of attackers - note how one of the things revealed > in the Snowden leaks was the fact that the NSA generally tries quite hard to > avoid tipping off targets to the fact that they're being surveilled, with a > myriad of carefully scripted policies to control when and how exploits are > used > against targets. > > -- > https://petertodd.org 'peter'[:-1]@petertodd.org _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
