XtendedView

  • Facebook
  • Pinterest
  • RSS
  • Twitter
  • Home
  • Technology
    • How to
    • News
    • Computer
    • Windows
  • Internet
    • WordPress
    • Web
    • Google
    • Marketing
    • Social Media
  • Gadgets
    • iOS
    • Android
    • Games
  • About
    • Our Team
  • Contact us

No DDoS attacks on Bitcoin Core system – for now

Author: Tushar Thakur   Last updated on: November 9, 2018    1 Comment  

On 18 September 2018, cryptocurrency developers, users, and investors heard shocking news. Programmers on the Bitcoin Core team announced a potentially dangerous security problem in the coin’s software. It seems that the cryptocurrency had been vulnerable to DDoS attacks for a year and a half before developers found the flaw.

DDoS attacks on Bitcoin

You might ask, “OK, but don’t DDoS attacks happen everywhere?” Yes, but not in a blockchain-based currency. Bitcoin Core is the most secure and valuable cryptocurrency on the planet. A successful attack would have brought transactions to a halt and destroyed its value, worth billions.

No one took advantage of the flaw. However, the causes and proposed solutions of this near-fiasco highlight the problems that arise when organizations ponder how to prevent DDoS attacks.

A Quiet Ultimatum

The September 18th announcement was a news bulletin. It was a request, but some Bitcoin Core community members thought was a warning. The message: update Bitcoin Core software or risk having the whole Bitcoin Core network collapse. Several recent versions of the Bitcoin Core code were vulnerable to DDoS attacks. The problem involved Bitcoin Core wallet software, which could potentially be exploited by anyone who could mine the cryptocurrency.

The potential risk didn’t lie in stealing money out of cryptocurrency wallets. Instead, crypto mining computers could serve as launching pads for a DDoS attack. The vulnerability made it possible for malicious traffic to flood the currency’s peer-to-peer network or overwhelm computers that run crypto mining software.

Dodging the DDoS Bullet

The vulnerability had been in existence since March 2017. An attack never happened, and no one knows why. Developers speculated that nobody spotted the bug or that nobody was intent on incurring the expense of exploiting it.

That’s right—a successful attack on the Bitcoin Core network came with a huge price tag. To breach the system, potential attackers would have to use resources costing twelve and half bitcoins (or almost $80,000 in September 2018.)

The Importance of what didn’t Happen

There’s no evidence that anyone exploited the vulnerability, so you might say that this story is about what never happened. Why not chalk it up to enormous good luck and be done with it? Two excellent reasons: money and a possibly dangerous assumption:

  • A mountain of money at risk. Bitcoin Core is the most popular and valuable cryptocurrency on the planet, with a market capitalization of $100 billion. Much of its value depends on the security and stability of its blockchain technology. Think of the damage that a destabilizing DDoS attack might do.
  • Affordable DDoS attacks. Although $80,000 is not petty cash, it is, as one analyst said, less money than “a lot of entities would pay for a zero-day attack on many systems.” Some highly motivated people might try to take the Bitcoin Core network down.
  • Confidence in decentralization. The concept that decentralized nodes (cryptomining computers) avoid risk is central to blockchain technology. Developers and investors believe that Bitcoin Core mining computers are too decentralized to be brought down in a single overwhelming attack. There’s no proof of immediate danger. However, the vulnerability suggests that someone might be thinking ahead to a future attack.

When developers discovered the Bitcoin Core flaw, they responded with a software update to block the vulnerability. Then, they joined other members of the Bitcoin Core community for a badly needed discussion. Their topics: software QA, testing, and ongoing code review processes.

A Software Patch and Many Points of View

Bitcoin Core developers urged crypto miners to change their software with the latest version as soon as possible. The patch eliminated potential crashes by enabling the software to reject blocks of transaction data created during a DDoS attack.

Next, the discussion focused on how developers could identify and fix future bugs in the Bitcoin Core code if they occur. The developers didn’t agree on how to accomplish these goals, but they did discuss:

  • Building and using more sophisticated tests that can locate dangerous hard-to-find bugs.
  • Accelerating Bitcoin Core development by speeding up the code review process. However, this created a problem: few people have the skills to test blockchain code.
  • Assigning skilled testing specialists to Bitcoin Core development. Until developers find these specialists and get them to participate in the Bitcoin Core community, code review will continue being a bottleneck in Bitcoin Core development.

Learning Quality Assurance, the Hard Way

Bitcoin Core community members might have avoided a catastrophe. However, their collective experience still provided them with several valuable lessons, including the following:

  • Rapid response is important. It’s not enough to install bug fixes quickly after finding a vulnerability. Mandatory software upgrades must be delivered and installed quickly, too.
  • Depending on only one development team to run QA is risky. Using several development teams encourages different approaches, which increases the chance of finding and fixing exotic bugs.
  • All team members must pay better attention to what’s in the code. When the dust settled, developers had time to review what happened. Several admitted that the community messed up by not reviewing and reporting consensus changes thoroughly enough. One programmer even mentioned that the code in question looked funny. He assumed others had already checked it. Then, he moved on to other work.

Developing and maintaining complicated software in an open source environment is always tricky. Assuming that team members are vigilant (so, you don’t have to be) is downright risky. Until Bitcoin Core developers decide on a comprehensive process, their only practical solution is prevention. That means collaborating, being vigilant, being thorough, and participating in community efforts.

Filed Under: Internet   

More on XtendedView Right Now!

  • Considerations To Make While Choosing An Elearning Authoring Tool

  • TOP-5 Search Systems Besides Google and the Training They Provide

  • Creating a Successful Marketing Plan for Your Etsy Business

  • Web Hosting – Linux Vs Windows what’s better and why

About Tushar Thakur

Tushar is founder of Xtendedview. He love to experiments on different gadgets, software/apps. He is professional blogger and Internet marketer. He is Interested in electronics and computers, Internet technology, Search Engine Optimization, Internet Marketing. Running online business and Blogs

Tushar has written 518 awesome articles for us at XtendedView.

  • Find Tushar On
❮
Max Converter Review – An Effective Online Video Converter for Every Need
❯
How to Prepare Your Website for The Busiest Time of The Year

Comments

  1. Terragreen says

    at

    thank you for sharing great post

    Reply

 Comment Policy

Your words are your own, so be nice and helpful if you can. Please, only use your REAL NAME, not your business name or keywords. Using business name or keywords instead of your real name will lead to the comment being deleted. Anonymous commenting is not allowed either. Limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please. You can wrap code in [lang-name][/lang-name] tags.


Tell us what you're thinking... Cancel reply

If you want a picture to show with your comment, then get Gravatar!

Connect on Facebook

How To Tech

Latest Articles

  • Top 5 Grammar Checkers (Must Have Tools)
  • How to Fix Mouse Lag in Windows 10
  • How To Change MAC Address Of Android With or Without Rooting
  • 8 Best SpeedFan Alternatives for Computers for Windows and Mac

Featured Articles

  • How to Turn off Laptop Screen Manually
  • Best Alternatives for Logic Pro X on Windows 10
  • Digital Ocean Review: Cheapest cloud hosting
  • How to run Android applications on MAC
  • How to remove login password from windows 8
  • How to Play Android games on Windows PC

Trending Topics

  • Android 22
  • Apps 20
  • Automobile 5
  • Blogging 32
  • Business 108
  • Computer 130
  • Education 12
  • Games 13
  • Games 7
  • Google 13
  • How to 75
  • Internet 232
  • Marketing 10
  • Mobile 51
  • Technology 216
  • Windows 16
  • Wordpress 13
  • Some Rights Reserved. Xtendedview | Copyrights 2011-2025 | Site Map | Privacy Policy
  • XtendedView is built on WordPress
  • WordPress Hosting by Bluehost