Slashdot Mirror


Crippling DDoS Vulnerability Put the Entire Bitcoin Market At Risk (thenextweb.com)

A major flaw was spotted in the Bitcoin network that could have allowed miners to bring down the entire blockchain by flooding full node operators with traffic, via a Distributed Denial-of-Service (DDoS) attack. "A denial-of-service vulnerability (CVE-2018-17144) exploitable by miners has been discovered in Bitcoin Core versions 0.14.0 up to 0.16.2," the patch notes state. "It is recommended to upgrade any of the vulnerable versions to 0.16.3 as soon as possible." The Next Web reports: Developers have issued a patch for anyone running nodes, along with an appeal to update the software immediately. As far as the attack vector in question goes, there's a catch: anyone ballsy enough to try to bring down Bitcoin would have to sacrifice almost $80,000 worth of Bitcoin in order to do it. The bug relates to its consensus code. It meant that some miners had the option to send transaction data twice, causing the Bitcoin network to crash when attempting to validate them. As such invalid blocks need to be mined anyway, only those willing to disregard the block reward of 12.5BTC ($80,000) could actually do any real damage.
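For operators acting on the upgrade advice above, one way to check their own nodes against the stated range (an added example, not part of the original story and not Bitcoin Core code). It assumes each node's `bitcoin-cli getnetworkinfo` output has been collected into a dict; the node names, sample values and status labels are constructed for illustration.

```python
import re

# Range from the patch notes quoted above: 0.14.0 up to 0.16.2 are
# vulnerable to CVE-2018-17144, and 0.16.3 carries the fix.
FIRST_VULNERABLE = (0, 14, 0)
FIXED_IN = (0, 16, 3)

# Bitcoin Core user agent, e.g. "/Satoshi:0.16.2/" or "/Satoshi:0.16.2(note)/".
_SUBVER = re.compile(r"^/Satoshi:(\d+)\.(\d+)\.(\d+)(?:\.\d+)?(?:\([^)]*\))?/$")

def decode_numeric(version):
    """Decode the integer `version` field (0.16.2 is reported as 160200)."""
    if isinstance(version, bool) or not isinstance(version, int) or version <= 0:
        return None
    return (version // 1_000_000, version // 10_000 % 100, version // 100 % 100)

def parse_subversion(subversion):
    """Return (major, minor, rev) for a plain Core user agent, else None."""
    m = _SUBVER.match(subversion or "")
    return tuple(int(g) for g in m.groups()) if m else None

def classify(info):
    ua = parse_subversion(info.get("subversion"))
    if ua is None:
        return "unknown"          # not identifiable as Bitcoin Core
    num = decode_numeric(info.get("version"))
    if num is not None and num != ua:
        return "mismatch"         # the two fields disagree: inspect by hand
    if ua < FIRST_VULNERABLE:
        return "outside-stated-range"  # the advisory text says nothing here
    return "vulnerable" if ua < FIXED_IN else "patched"

def audit(inventory):
    """Map each node name to its status."""
    return {name: classify(info) for name, info in inventory.items()}

# Constructed inventory of an operator's own nodes (hypothetical names).
SAMPLE = {
    "node-a": {"version": 160200, "subversion": "/Satoshi:0.16.2/"},
    "node-b": {"version": 160300, "subversion": "/Satoshi:0.16.3/"},
    "node-c": {"version": 130200, "subversion": "/Satoshi:0.13.2/"},
    "node-d": {"version": 140000, "subversion": "/Satoshi:0.14.0(ops)/"},
    "node-e": {"version": 160300, "subversion": "/Satoshi:0.16.1/"},
    "node-f": {"subversion": "/othernode:1.0.0/"},
}

if __name__ == "__main__":
    for name, status in sorted(audit(SAMPLE).items()):
        print(f"{name}: {status}")
```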


  1. Truth by duke_cheetah2003 · Score: 3, Interesting

    Can we please just change the name of Bitcoin to CrimeCoin already? That's the only thing it's good for.

    1. Re:Truth by nohup · Score: 3, Informative

      What? That doesn't make any sense. The US Dollar is far better for crime and used a lot more than Bitcoin for crime. Bitcoin is trivially traceable and hard to spend unlike the dollar.

      Bitcoin has a lot of valid legitimate uses, such as cheap cross border payments, a hedge against inflation for countries like Venezuela and Argentina, a means for people without established banking sectors to transact, etc. It's also very useful in cases where there is risk of counter-party payment reversals in traditional systems, which lowers fees for such use cases. Another great potential future use is very small micropayments, possible future implementation for API calls without having to set up complex infrastructure and again, cross-border in countries where traditional banking systems don't operate or use different currencies. One novel current use where traditional systems fail is in rapidly purchasing a LARGE amount of anti-DOS capability in a hurry without counterparty risk. There are many new and novel uses. Here's one other small example: https://cointelegraph.com/news...

    2. Re: Truth by Notabadguy · Score: 2

      Nowadays Bitcoin is only useful for speculation. It cannot be used for small payments because of the high transaction fees, and its value is too volatile...not to mention the energy cost associated with it.

      That was true in November and December 2017, but you're rehashing the peak from a year ago.

      These days, transaction fees are pennies and timing is less than 30 minutes.

      Also, the primary use of bitcoin around the non-darknet internet is for gambling and sports betting sites. Casinos that accept bitcoin instead of fiat currency. There are only a couple of states in the US with legal gambling, and I can't drive 20 hours on a whim to get to one of them. The US Treasury Department cracks down as hard as it can on any payment processing with fiat currency, and the payment processors obey.

      Last month, I had a check from one of the most reputable online casinos 'bounce' because my bank couldn't cash it - because OFAC (Office of Foreign Asset Control) has the account tied to terrorism. You know, because gambling.

      There are many sports bettors out there, or casino gamblers without access to a casino - and none of those casinos are in the US. Bitcoin circumvents payment processor fees, currency exchange fees, and fees for fiat-based wire transfers or checks.

  2. $82,500? by stinerman · Score: 2

    Sure it might be $82,500 at time of publishing but later today it'll be $60,000, making the attack more likely. Of course, tomorrow it'll be $120,000, which makes the attack less likely.