pull down to refresh
3 sats \ 3 replies \ @itsrealfake OP 27 May 2022 \ parent \ on: How could we further decentralize the codebase for bitcoin? bitcoin
i appreciate the response.
careful about assuming the value of the raspberry pi. it isn't a secure computing environment. 2 of its 6 cores are closed source, and those are the cores used to boot the machine. (3)
tor, it appears, has been owned for a long time. (1)
in the event of a network warfare event, i assume that every internet connected rPi will be susceptible to being consumed (then attacked in retaliation) as part of a botnet.
imo, simple software is great. yet Umbrel is also a centralized service provider (for now, i'm aware there are efforts underway to resolve that to some degree). how many Umbrel (or any software we rely on as bitconers) devs could be coerced, or fooled to incorporating seemingly innocuous changes to the stack that are chained together to result in calamity. (2)
tl;dr- bitcoin itself needs to be hardened. relying on the rest of the porous web technology stack to support bitcoin in the event of a sustained, coordinated, multi-party network war is a hazard.
1 - https://www.pcmag.com/news/black-hat-cancels-presentation-on-cracking-tor
2 - https://www.theregister.com/2001/01/25/directv_attacks_hacked_smart_cards/
3 - https://ownyourbits.com/2019/02/02/whats-wrong-with-the-raspberry-pi/
Tor isn't pwned, stop FUDding. Even the article itself says that the bug isn't all that bad and that they are working on fixing it. And besides, almost every time the government has deanonymized Tor users it was because of their shitty OPSEC. And we have I2P anyway, so we aren't fucked even if Tor gets broken.
reply
This. Side channel attacks on Tor to break unlinkability are certainly possible in theory. But in practice the Tor network is pretty strong.
reply
I don't know much of anything about Tor, but a cancelled presentation evidence does not make.
I did find this
https://ieeexplore.ieee.org/abstract/document/9343014
reply