14 Jan '13, 2pm

Fixed vulnerability explanation: Why the signature cache is a DoS protection. #bitcoin

I read a transcript of #bitcoin-dev (http://bitcoinstats.com/irc/bitcoin-dev/logs/2012/11/09 ) where jgarzik and, Sipa debated whether the signature cache was a performance optimization or a DoS protection and why. The sig cache is both of them. But the sig cache was included before performance was a problem because of the DoS protection requirement. The following attack against versions prior 0.6.3, e-mailed to Gavin on May-2012, explains it: 1. The attacker creates a transaction that pays 0.01 BTC to 100 different addresses. (The attacker must have 1 BTC). To avoid paying fees, the attacker can divide the transaction into slices, each one below 1 kilobyte.The attacker broadcasts the transactions and waits for confirmation. 2. Afterwards the attacker builds transactions grabbing 100 of his own prevouts and adding an additional prevout that he does not own. This prevout is...

Full article: https://bitcointalk.org/index.php?topic=136422

Tweets

@DrGlenBarry of @EcoInternet was amongst, if no...

forests.org 15 Jan '13, 4pm

To have meaning in guiding global ecological sustainability policy, these continental and global observations – and propos...

Ben Affleck deserved it!

argotea.com 14 Jan '13, 3am

SEASONAL DRINK ValenTea Passion® Passion fruit and Hibiscus flowers hot or iced, equally sinful Read More... Learn More> C...

.@appboy patches its servers after Ruby on Rail...

blog.appboy.com 11 Jan '13, 5pm

Earlier this week, a serious advisory was posted to the Ruby on Rails security discussion list . Unknown hacker groups had...