Can I detect a 51% attack as a developer

1

Generally, no, not until it's too late.

A typical 51% attack would look like this:

Attacker privately starts mining their own chain, which diverges from the main chain at some block N.

Attacker deposits coins to your business, sending them from address A. Call this transaction X.

Attacker inserts in his own chain a transaction X' which conflicts with X; typically X' sends the coins from address A to another address belonging to the attacker.

Attacker waits for several confirmations of transaction X, in blocks N+1, ..., N+6 (replace 6 with however many confirmations your business wants) of the main chain.

Once there have been enough confirmations to satisfy you, you deliver goods or services to attacker.

Attacker releases his own chain, which now has blocks up to, say, N+50. Being longer, this chain is accepted by the network. This chain doesn't contain the transaction X but instead X', so you don't have the coins you thought you...

0 0
2

Can such attacks be detected? Yes.

What you would see is a chain reorganization that invalidates a large (greater than three) number of previously-accepted blocks. The standard client will actually log this -- you'll see a REORGANIZE in the client's debug.log file. The client doesn't currently log the number of blocks invalidated by the reorganization, but that's a simple enhancement.

Can honest users revert such attacks? Sort of.

If a transaction you care about is in the set of blocks that was invalidated, you can always resubmit that transaction. Unless the sender issued a conflicting transaction as part of a double-spend attack, the transaction will still be valid. (The network will actually do this for you automatically. Miners don't want to miss out on the chance to grab the transaction fees associated with the undone transactions.)

As a longer-term solution, there have been proposals discussed to reject reorganizations that invalidate suspiciously...

0 0
3

French authorities have launched a terror investigation into the knife-wielding teenager who tried to breach security at the Eiffel Tower in Paris. The eighteen-year-old was reportedly a patient at a mental hospital.

The suspect told the police he intended to kill one of the soldiers stationed at the Eiffel Tower and that he had been in contact with an "Islamic State" member, multiple news agencies reported early on Monday, citing judicial sources.

Read more: France launches terror probe into former soldier planning IS attack

On Saturday night, the man pushed past a security guard at the famous tourist site and approached a soldier, wielding a blade and shouting "Allahu akhbar" or "God is great" in Arabic. However, he was quickly surrounded by the security personnel at the site and surrendered without resistance. No one was injured and no shots have been fired, according to a Paris police official cited by the AP news agency.

Security forces decided to...

0 0
4

THE MDC-T has moved to distance itself from Sunday skirmishes in Bulawayo that saw the assault of its Deputy President Thokozani Khuphe and some party regional leaders opposed to the party joining a multi-party opposition alliance.

In a statement, MDC-T national spokesperson Obert Gutu said the embarrassing incident could be the works of state agents out to throw spanners in the wake of a coalition arrangement fronted by party leader Morgan Tsvangirai.

Khuphe and other heavyweights such as party national chair Lovemore Moyo and organising secretary, Abednico Bhebhe did not attend a coalition launch rally in Harare on Saturday, leaving their commitment to the process in question.

And in comments directed at party dissenters, Tsvangirai on Saturday had harsh words for “selfish” lieutenants he said were putting the security of their positions ahead of the interests of a majority that longed to see the end of Zanu PF rule.

But as fate would have it, Khuphe...

0 0
5

There are several different types of DDoS so any generic information about them may only be correct for one particular type. For instance, the idea that a DDoS always exhausts your bandwidth is incorrect. What you need to do is analyse (some of) the traffic, determine why it's breaking your site, find a way of identifying it and then decide on an action that can block the traffic.

DDoS traffic probably doesn't look like real traffic but what makes it different is not necessarily the quantity. During a recent DDoS we had, our hosting provider decided to block the top ten highest connecting IP addresses. These, of course, all had nothing to do with the DDoS and one of them was actually the Google bot. They would have blocked our office except that they recognised the IP address. The standard advice to use netstat, sort and uniq to find the highest connections is not necessarily good advice.

Our DDoS was a SYN-flood, which means a couple of things for detection:

...
0 0
6

DEFINITION of '51% Attack'

51% attack refers to an attack on a blockchain – usually bitcoin's, for which such an attack is still hypothetical – by a group of miners controlling more than 50% of the network's mining hashrate, or computing power. The attackers would be able to prevent new transactions from gaining confirmations, allowing them to halt payments between some or all users. They would also be able to reverse transactions that were completed while they were in control of the network, meaning they could double-spend coins.

They would almost certainly not be able to create a create new coins or alter old blocks, so a 51% attack would probably not destroy bitcoin or another blockchain-based currency outright, even if it proved highly damaging.

BREAKING DOWN '51% Attack'

Bitcoin and other cryptocurrencies are based on blockchains, otherwise referred to as distributed ledgers. These digital files record every transaction made on a cryptocurrency's...

0 0
7

Question: Is there any way to detect this behaviour and prevent it?

There actually are 2 separate questions: (1) how to detect, and (2) how to prevent it?

[simulated locations] callback returns almost immediately after calling startUpdatingLocation, and then repeatedly called every exactly one second. Also the locations are all the same if we choose a fixed location. Here is an example:

location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:48 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:49 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:50 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:51 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:52 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00) @ 30.03.15 14:12:53 Час: Індокитай location: +/- 5.00m (speed -1.00 mps / course -1.00)...
0 0
8

Learn about the difference between full vs simplified modes, and how a bitcoinj app can be attacked.

Introduction

bitcoinj supports two different modes for your application: full verification and simplified verification. The mode you choose controls the resource usage of your application and how much trust you need in other participants in the Bitcoin system. As a developer, it’s important you understand the differences and in which situations your app can or cannot be trusted.

Firstly, let’s recap how a regular full node works. The fundamental problem Bitcoin solves is achieving consensus on who owns what. Every node maintains a database of unspent outputs, and transactions that attempt to spend outputs that don’t exist or were already spent are ignored. Blocks are solved by miners and broadcast to ensure everyone agrees on the ordering of transactions, and so nodes that don’t see a broadcast transaction for some reason (eg, they were offline at the time) can...

0 0
9
Get Trading Recommendations and Read Analysis on Hacked.com for just $39 per month.

The bitcoin community has been critical for the past two days of the increasing hash rate of the biggest bitcoin mining pool Ghash which states that it is currently able to process 37.92 Ph/s leading to an estimation of 42% – 47% of the total network hashrate.

Ghash has not yet responded to requests for comments. However, in a press release issued in January 2014 to alleviate fears of 51% control of the total hashrate, Ghash, whose hashrate is stated to consist of approximately 45% BitFury ASIC based miners and 55% independent miners, publicly stated in clear terms that:

“GHash.IO does not have any intentions to execute a 51% attack… it could risk our investments in physical hardware and we see no benefit from having 51% stake in mining”.

Concerns however have been raised in response to suggestions that Ghash can be trusted even in the theoretical scenario that it gains 51%...

0 0
10

Is a keylogger running right now?

First, we'll assume you're using a stock Ubuntu system that X installed and that has always been under X's control -- where X is yourself or someone you absolutely trust.

Since this is a stock system and all software has been installed from the official repositories, you can be certain that there is no hidden keylogger in there, e.g. someone modifies the kernel specially to spy on you such that it is very hard to detect.

Then, if a keylogger is running, it's process(es) will be visible. All you need to do is use ps -aux, or htop to look at the list of all running processes and figure out if anything is suspicious.

The most common "legitimate" Linux keyloggers are lkl, uberkey, THC-vlogger, PyKeylogger, logkeys. logkeys is the only one available in the Ubuntu repositories.

Did I accidentally download a trojan/virus keylogger?

Usually this risk is very minimal on Ubuntu/Linux because of the privileges (su)...
0 0
11

Here is what your website may look like after a successful Denial of Service Attack:

At this point, your web server has given up on trying to service new requests. Using software, the hacker has simulated a very large number of people (or connections) to your website, your website is no longer able to handle all these connections, and you and your customers see an error message when you visit your website.

Note that you can also get this error message if you make a mistake when deploying your website, or if your webserver implements memory limits and your site uses too much memory (by displaying big data sets, or by doing big calculations, or ...), or if your web application crashes (you wrapped all your page events in try/catch blocks, right?). However, if you are certain that you have not recently changed your website in any way, and you are sure that your website programming is sound, then read on.

...

0 0