I've found this resource about cypherpunks: https://github.com/jooray/cypherpunk-research
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 3:40 PM, Karl <gmk...@gmail.com> wrote: > On Sat, Jun 6, 2020, 11:34 AM other.arkitech <other.arkit...@protonmail.com> > wrote: > >> Sent with [ProtonMail](https://protonmail.com) Secure Email. >> >> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >> On Saturday, June 6, 2020 3:24 PM, Karl <gmk...@gmail.com> wrote: >> >>> I missed some of your expressions. >>> >>> On Sat, Jun 6, 2020, 10:59 AM other.arkitech >>> <other.arkit...@protonmail.com> wrote: >>> >>>>>>>>>>>> what? any developer geting thousands of public IPv4 addresses by >>>>>>>>>>>> modifying software? >>>>>>>>>>>> Nop. That's not true. >>>>>>>>>>>> (Or I haven't understood well what you say) >>>>>>>>>>> >>>>>>>>>>> People go to places on the internet to download things. Others can >>>>>>>>>>> upload things to those places to download. You can upload >>>>>>>>>>> something that lies about what it is doing, and gives you use of >>>>>>>>>>> the ip address of the downloader's computer when run. Do you >>>>>>>>>>> understand? >>>>>>>>>>> >>>>>>>>>>> It sounds like this is surprising to you? >>>>>>>>>> >>>>>>>>>> so you refer to computers running malware, that case is contemplated >>>>>>>>>> in the design as an 'evil node' >>>>>>>>> >>>>>>>>> it sounds like you haven't addressed a sybil attack from massively >>>>>>>>> distributed malware, which is fine nobody can cover everything. not >>>>>>>>> sure where the design lives. >>>>>>>> >>>>>>>> If the malware is distributed in a bigger scale than the honest >>>>>>>> software, indeed, the evil network becomes the 'honest' one to the >>>>>>>> eyes of the software, that's 51% attack. >>>>>>>> >>>>>>>> Provided a world distribution of people that can be evil/honest of >>>>>>>> 80%-20%, the likeliness of an evil network overtaking the honest one >>>>>>>> is lower than the opposite. >>>>>>>> >>>>>>>> The evil network wont work if many evil nodes run behind same IP, so >>>>>>>> the malware must meet the same distribution enforcement applied to the >>>>>>>> honest net. Nodes running malware must be geographically distributed, >>>>>>>> so local marketplaces spreading malware have less chances to spread >>>>>>>> worldwide in order to compromise the network. >>>>>>> >>>>>>> I'm not sure you're hearing me when I say that one person is able to >>>>>>> distribute malware to thousands (or more) of other people worldwide, >>>>>>> producing a sybil attack from an individual. Is this something you're >>>>>>> able to repeat back to me? It sounds like you have an expectation >>>>>>> around handling this? >>>>>> >>>>>> i though i gave a fair response. >>>>>> i understand you say that many computers can be infected of malware by a >>>>>> single individual who is creating an attacking botnet. >>>>>> An I said such botnet must be bigger than the network to succeed. >>>>>> >>>>>> The security of USPS depends on the number of nodes, the bigger the best. >>>>> >>>>> Thanks. It is actually reasonable to create a botnet that covers an >>>>> entire sector of the world (such as everybody running ubuntu 20 or >>>>> windows 10 or the latest iOS) by finding, developing, or observing an >>>>> unpatched exploit. With more than one exploit a botnet developer could >>>>> cover multiple such sectors. I imagine this would usually produce more >>>>> ip addresses than a specific network service like USPS uses. >>>>> >>>>> This concern is one of the ones USPS hasn't been acknowledging. >>>> >>>> 51% attack is always a concern. My answer is to have a big honest network >>>> that makes it very difficult for a botnet to coordinate the attack. the >>>> attacking vector is a war on size. >>> >>> Always a fan of assuming honesty, but it's good to have something to fall >>> back on if honesty isn't upheld in some edge situation. This is where >>> cryptocurrency usually shines. >>> >>> Given it doesn't take financial resources to acquire IP addresses, USPS >>> could struggle to use the usual cryptocurrency avenue of it being more >>> profitable to support the network than attack it. >>> >>> But really hashpower is just plain much harder to acquire than ip >>> addresses. I'm not sure there are even any laws against botnets. >>> >>> The use of hashpower, difficulty, and an append-only log also lets users of >>> cryptocurrencies detect attacks by observing metrics. >>> >>>> >>>> >>>> In bitcoin the homologous attacking vector is a war on hashing power. >>>> >>>>> Even bitcoin has unaddressed security concerns. >>>>> >>>>> The use of scarce ip address alotment to make it less worthwhile to >>>>> perform some sybil attacks than to use other means to achieve an end is >>>>> also used by IPFS, last I looked. >>>> >>>> Interesting, will look at it. Thanks >>>> >>>>>>> I also see no reason a malware marketplace would not spread worldwide. >>>>>> >>>>>> no technical reason, obviously it is flat internet. >>>>>> But people operate in cultures, I mean that a malware disguised say for >>>>>> instance inside a pirate copy of photoshop will only be spread across >>>>>> those who use photoshop who are not caring about malware, not all >>>>>> possible computers. >>> >>> sorry missed this. hope i addressed it suitably. >>> >>>>>>> Really struggling to communicate here. I understand you need to know >>>>>>> your software is given a fair trial to actually run, is that correct? >>>>>> >>>>>> Sorry about that if that's my fault. I try to respond with what I think >>>>>> about the attack vector you describe. >>>>>> >>>>>> I am try to honestly persuade you guys to try USPS if you're really >>>>>> interested in it as a next-gen cryptocurrency system. >>>>>> My interest is to gain users that can explore every corner of it, in >>>>>> order to find gaps, failures, etc. Just helping me in its development. >>> >>> Open source and utility are what I see as being needed. I don't know this >>> list well and am spamming it right now, but I see it as a list of >>> developers, not users. >> >> I don't know it well either, most of the topics I see with activity do not >> point me in a dev-oriented direction. Mosty are user-level comments, also >> paper-level comments. > > Let's review the list history at https://lists.cpunks.org/mailman/listinfo a > little to see what the mailing list is really about. I've never looked there > before myself, and it's pretty gratifying to have this opportunity to do so.
