ISPs Could Take Down Large Parts of Bitcoin Ecosystem If They Wanted To

An anonymous reader writes: A rogue ISP could take down large parts of the Bitcoin ecosystem, according to new research that will be presented in two weeks at the 38th IEEE Symposium on Security and Privacy in San Jose, USA. According to the researchers, there are two types of attack scenarios that could be leveraged via BGP hijacks to cripple the Bitcoin ecosystem: hijacking mining proceeds, causing double-spending errors, and delaying transactions. These two (partition and delay) attacks are possible because most of the entire Bitcoin ecosystem isn't as decentralized as most people think, and it still runs on a small number of ISPs. For example, 13 ISPs host 30% of the entire Bitcoin network, 39 ISPs host 50% of the whole Bitcoin mining power, and 3 ISPs handle 60% of all Bitcoin traffic. Currently, researchers found that around 100 Bitcoin nodes are the victims of BGP hijacks each month.

Re:Absolutely please do this!

[RotateLeftByte]

hide everything?
Oh you mean using steganography in Cat Videos?

This article is mostly garbage.

Bitcoin has plenty of problems that need, but these issues aren't them.

This article describes fairly generic things and jumps to insane conclusions, eg:

"These attacks can be used to sneakily siphon off some of the mining proceeds into an attacker’s account."

This sort of statement is totally wrong and not backed up by how that can work (It can't)

ISPs can hinder anything.

[aglider]

ISPs Could Take Down Large Parts of ANY Ecosystem If They Wanted To.
They can divert or block any traffic it's flowing through.
And there's little the users can do against it.
So that article isn't bringing anything new!

Re:ISPs can hinder anything.

[codebonobo]

The mining computation should be changed to calculate for folding@home.

Bitcoins security model is dependent upon a PoW which must have a very granular difficulty adjustment where blocks are discovered on a Poisson Distribution curve. Searching for primes or folding@home would not fulfill this requirement. Additionally, It is necessarily wasteful as part of bitcoins security model due to the fact that real costs must be sunk into attacking the currency instead of simply bootstrapping it to some other task you would be doing anyways for no added cost.

The great news is that most mining these days is using unused excess hydroelectric from Chinese dams and the heat can be recycled. Additionally, the "wasted" energy need not scale with the price of bitcoin as originally expected due to the fact that payment channels can heavily subsidize block reward with tx fees and the security of the network will depend both upon decentralized LN nodes being subsidized(which use practically no electricity) by sharing tx fees with miners

If this holds true, who would ever want to spend bitcoin for anything?So bitcoin mining would be pointless if there will be fewer and fewer transactions. People just want to buy and hold. Unless what they buy will not appreciate. Then they dump and run. That makes bitcoin mining pointless because bitcoins wouldn't be worth anything.

All this fear could dissipate if bitcoin mining were to calculate useful results. People would be encouraged to use bitcoin in their lives because the mining actually benefits everyone.

This is an often repeated fear from Keynesian economists that high deflation will cause hoarding and a "deflationary death spiral in bitcoin" , The data shows the opposite, during periods of high appreciation(deflationary adoption bubbles) bitcoin users give more to charity and spend more on goods and services. This is thought to be because of the wealth effect , where users feel more comfortable spending because they feel more wealthy due to them being wealthier in reality. This is also similar to purchasing a laptop that will become obsolete in 6months to 1 year, one always knows the next model will be released in the future but realizes they still need a laptop now and will spend the money regardless.

That makes bitcoin mining pointless because bitcoins wouldn't be worth anything.

Have you seen the price lately? Please check the 8 year returns , 1 year returns , and 1 week returns. Bitcoin stopped being simply used for speculation a very long time ago and now is has a circular economy of users who have an inelastic demand that need bitcoin to survive. Yes, plenty of speculating (when did saving money become such a naughty word?) , but the real life utility is undeniable as well for whitemarket or blackmarket use cases.

Re:ISPs can hinder anything.

[aglider]

Why would anyone hate bitcoin?

Maybe because it's not bank-controlled?
Maybe because it's not government-controlled?
Maybe because of both?

Re:ISPs can hinder anything.

[tommeke100]

Bitcoin is already sort of a Gold Standard. Because the release of new bitcoins that can algorithmically be mined is limited and the current valuation and pervasiveness of bitcoins in general, it's a better standard than any currency, where they could just manipulate the course by printing more money or buying more gold.

Re:ISPs can hinder anything.

[codebonobo]

This may have been true in 2010 but much has changed since than. An inelastic demand indicates a client base who depends upon bitcoin regardless of price, premium over spot, or tx fees. This is principally driven by darknet markets of drugs, prostitution, online gambling, capital flight, and ransomeware. There are also whitemarket use cases like saving 18% off everything on amazon (not including the savings I make from appreciation) but it is the blackmarket that gives bitcoin its true utility. Sometimes this form of regulatory arbitrage is used for ethical blackmarket cases like donations to wikileaks or Venezuelans buying food, but the end result is the same, utility and demand for bitcoin.

Re:ISPs can hinder anything.

[codebonobo]

But what good are returns if you never actually get anything from Mining. I've left Bitcoin installs running for weeks and never gotten a single Satoshi. No way it's paying for the electricity bill.

So why do _I_ join up and give my support to the blockchain network?.

Bitcoin mining is very professional and competitive. You need to mine in a pool (I suggest p2pool), use a modern ASIC, and have access to very cheap electricity to be profitable. There are many other ways to support bitcoin besides mining like running a full node, buying bitcoins, contributing code, writing manuals , peer review, education, ect...

Re:BGP not fixed?

[Chrisq]

For crying out loud. They still haven't fixed BGP? I remember reading about stuff like this in the 90s.

If the Wiki article is anything to go by this is through complacency.:

Although security extensions are available for BGP, and third-party route DB resources exist for validating routes, by default the BGP protocol is designed to trust all route announcements sent by peers, and few ISPs rigorously enforce checks on BGP sessions.

This sort of thing is really frustrating, a fix available but nobody bothers!

Re:Detection

I don't think that was Einsteins point.

Re:BGP not fixed?

[Opportunist]

So is a fix for other horribly insecure critical internet infrastructure like DNS and DHCP. But using them costs money. And in this particular case of BGP, the ones that could secure it even have a good reason to leave it insecure.

Wrong

These attacks can be used to sneakily siphon off some of the mining proceeds into an attacker’s account.

Wrong. Mining proceeds are protected by a private key. Nothing an ISP can do will reveal that private key, thus they cannot siphon proceeds.