Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 2:00 PM, Karl <[email protected]> wrote: > On Sat, Jun 6, 2020, 9:48 AM other.arkitech <[email protected]> > wrote: > >> Sent with [ProtonMail](https://protonmail.com) Secure Email. >> >> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >> On Saturday, June 6, 2020 1:28 PM, Karl <[email protected]> wrote: >> >>> On Sat, Jun 6, 2020, 8:14 AM other.arkitech <[email protected]> >>> wrote: >>> >>>> Sent with [ProtonMail](https://protonmail.com) Secure Email. >>>> >>>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >>>> On Saturday, June 6, 2020 12:00 PM, Karl <[email protected]> wrote: >>>> >>>>> On Sat, Jun 6, 2020, 7:49 AM other.arkitech >>>>> <[email protected]> wrote: >>>>> >>>>>> Sent with [ProtonMail](https://protonmail.com) Secure Email. >>>>>> >>>>>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >>>>>> On Saturday, June 6, 2020 11:38 AM, Karl <[email protected]> wrote: >>>>>> >>>>>>> On Sat, Jun 6, 2020, 7:18 AM other.arkitech >>>>>>> <[email protected]> wrote: >>>>>>> >>>>>>>> Sent with [ProtonMail](https://protonmail.com) Secure Email. >>>>>>>> >>>>>>>> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >>>>>>>> On Saturday, June 6, 2020 10:17 AM, Karl <[email protected]> wrote: >>>>>>>> >>>>>>>>> On Fri, Jun 5, 2020, 7:29 PM other.arkitech >>>>>>>>> <[email protected]> wrote: >>>>>>>>> >>>>>>>>>>> so your system doesn't have a bloated chain, which is nice. The >>>>>>>>>>> 'consensus' is handled by voting...based one IP address one vote. >>>>>>>>>>> But how robust is relying on IP addresses at the end of the day? >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> IPv4 provides unique features no other protocol has. address space >>>>>>>>>> is saturated (scarce) and addresses are not cheap. It is a a nice >>>>>>>>>> tool for Sybil control >>>>>>>>> >>>>>>>>> OA, when you say this people start disregarding what you say because >>>>>>>>> it is false. >>>>>>>>> >>>>>>>>> Any software developer can get thousands of IP addresses by altering >>>>>>>>> a piece of pirated software to include something new of their own >>>>>>>>> design and sharing it in a venue where it hasn't been shared on >>>>>>>>> before. There are many many other ways and people _think_ of them, >>>>>>>>> _use_ them, are _observed_ using them, and things spread and grow. >>>>>>>> >>>>>>>> what? any developer geting thousands of public IPv4 addresses by >>>>>>>> modifying software? >>>>>>>> Nop. That's not true. >>>>>>>> (Or I haven't understood well what you say) >>>>>>> >>>>>>> People go to places on the internet to download things. Others can >>>>>>> upload things to those places to download. You can upload something >>>>>>> that lies about what it is doing, and gives you use of the ip address >>>>>>> of the downloader's computer when run. Do you understand? >>>>>>> >>>>>>> It sounds like this is surprising to you? >>>>>> >>>>>> so you refer to computers running malware, that case is contemplated in >>>>>> the design as an 'evil node' >>>>> >>>>> it sounds like you haven't addressed a sybil attack from massively >>>>> distributed malware, which is fine nobody can cover everything. not sure >>>>> where the design lives. >>>> >>>> If the malware is distributed in a bigger scale than the honest software, >>>> indeed, the evil network becomes the 'honest' one to the eyes of the >>>> software, that's 51% attack. >>>> >>>> Provided a world distribution of people that can be evil/honest of >>>> 80%-20%, the likeliness of an evil network overtaking the honest one is >>>> lower than the opposite. >>>> >>>> The evil network wont work if many evil nodes run behind same IP, so the >>>> malware must meet the same distribution enforcement applied to the honest >>>> net. Nodes running malware must be geographically distributed, so local >>>> marketplaces spreading malware have less chances to spread worldwide in >>>> order to compromise the network. >>> >>> I'm not sure you're hearing me when I say that one person is able to >>> distribute malware to thousands (or more) of other people worldwide, >>> producing a sybil attack from an individual. Is this something you're able >>> to repeat back to me? It sounds like you have an expectation around >>> handling this? >> >> i though i gave a fair response. >> i understand you say that many computers can be infected of malware by a >> single individual who is creating an attacking botnet. >> An I said such botnet must be bigger than the network to succeed. >> >> The security of USPS depends on the number of nodes, the bigger the best. > > Thanks. It is actually reasonable to create a botnet that covers an entire > sector of the world (such as everybody running ubuntu 20 or windows 10 or the > latest iOS) by finding, developing, or observing an unpatched exploit. With > more than one exploit a botnet developer could cover multiple such sectors. > I imagine this would usually produce more ip addresses than a specific > network service like USPS uses. > > This concern is one of the ones USPS hasn't been acknowledging. 51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size. In bitcoin the homologous attacking vector is a war on hashing power. > Even bitcoin has unaddressed security concerns. > > The use of scarce ip address alotment to make it less worthwhile to perform > some sybil attacks than to use other means to achieve an end is also used by > IPFS, last I looked. Interesting, will look at it. Thanks >>> I also see no reason a malware marketplace would not spread worldwide. >> >> no technical reason, obviously it is flat internet. >> But people operate in cultures, I mean that a malware disguised say for >> instance inside a pirate copy of photoshop will only be spread across those >> who use photoshop who are not caring about malware, not all possible >> computers. >> >>> Really struggling to communicate here. I understand you need to know your >>> software is given a fair trial to actually run, is that correct? >> >> Sorry about that if that's my fault. I try to respond with what I think >> about the attack vector you describe. >> >> I am try to honestly persuade you guys to try USPS if you're really >> interested in it as a next-gen cryptocurrency system. >> My interest is to gain users that can explore every corner of it, in order >> to find gaps, failures, etc. Just helping me in its development. >> >>>
