51% HASHRATE COINMINE.PL !!!

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
Hi,
I think you put too much attention to botnet miner because hanlab user is responsible for 41% of total hashrate in last 24 hrs. All remaining users (approx 176) on my pool generated 15% of blocks in last day. The real problem is that there is not so many miners in total to even the hashrate distribution.
The problem is: ordinary miners have to pay for electricity and so on, but hanlab not.

So ordinary miners just can't compete with bonnet(-s) and leave Dash. It isn't normal situation. And as we can't setup many "competing botnets" - it is better to kill this existing one to return to normal miners competition.
 
  • Like
Reactions: raganius

eth1

Member
Jul 1, 2014
40
64
58
Quebec, Canada
SuchPool.pw
Hi,

I think you put too much attention to botnet miner because hanlab user is responsible for 41% of total hashrate in last 24 hrs. All remaining users (approx 176) on my pool generated 15% of blocks in last day. The real problem is that there is not so many miners in total to even the hashrate distribution.

I am repeating this again and again - I am not a malicious pool operator and I am not going to break Dash network. I even do not have such skills to do it.

My pool has IP DDoS protection but even if someone would like to stop my pool and takeover the network I believe 80% of the miners (hanlab for sure) have some backup pool configured - all hashrate will go to other pools securing the network from attacker.

Cheers,
feeleep
Greetings,

Even if you claim not to be a malicious operator your pool could get hacked and become the base of malicious activities and that even without you knowing at first. Yes, there is Hanlab but you forgot the large botnet being hosted with the over* users (now anonymous). The majority of the hashrate you are hosting comes from unknown sources.

Dash is supposedly the symbol of decentralization with it's masternode system and you are proving it's not really because the coin creation is pretty much centralized.

Being a good player and responsible you would encourage users to move their hashrate around (with more than a simple banner on your pool, we both know this doesn't do anything) as we did when we reached close to 50%.

Cryptocurrency is a trustless environment and there is so much money involved I consider one pool having over 50% a great threat at any time whoever is running it.

My 2 cents.

TL;DR? Spread hashrate, centralization is no good and goes against DASH's core principles.
 
Last edited by a moderator:

Syntax360

New Member
Apr 9, 2014
29
33
13
There may be a very simple answer to this - I'm the furthest thing from an expert - but doesn't InstantX "solve" this problem with transaction locking? Why not push an update that makes/enforces InstantX as default? Wouldn't that solve the issue, with the added bragging points of being the first coin to "solve" this inherent flaw in PoW coins?
 

feeleep

New Member
Oct 18, 2014
29
33
13
The problem is: ordinary miners have to pay for electricity and so on, but hanlab not.
Hi,

hanlab is nicehash as far as I know...

EDIT:
Anyway - I can do few things but I cannot force miners to move somewhere else. This is actually miner choice what he is doing with his hashrate. Problem exist in hashrate centralisation, because as I said peviously hanlab (nicehash?) itself generates about 40% of DASH blocks every day. They could do their own pool and with some luck have 51% of power. it looks like majority of Dash network is in few hands only and either hanlab will find more profitable coin to mine or Dash will increase value so more miners will come.
 
Last edited by a moderator:

bhkien

Active Member
Mar 31, 2014
454
282
133
Canada
vietriches.com
If Dash always need at least one instantX confirm and the the InstantX always reject mining transaction from miner which has more than 50% of hashing power.

In that case we don't need to worry about that problem.
 
  • Like
Reactions: Syntax360

qwizzie

Well-known Member
Aug 6, 2014
1,552
729
183
I'm not liking the silence of the dev-team on this matter, this situation is creating a lot of unrest on both this forum and on the Bitcointalk forum.
A simple "we are working on a solution" would do at this point, just give some feedback to the community.

Is it something that update version 13 can possibly fix ? Has dev-team talked about this internally ? What are our options ?
Doesn't this directly undermine the marketing campaign and dev-team commitment to use that marketing campaign to get a higher Dash price ?
 
  • Like
Reactions: buster and Jeztah

splawik21

Grizzled Member
Dash Core Team
Moderator
Foundation Member
Dash Support Group
Apr 8, 2014
1,917
1,274
1,283
qwizzie, admin of coinmine.pl is is close contact with the devs and they do the moves to bring the hashrate lower at lvl 30-35%
 

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
The other miner or miners are a different story, according to this:
http://biersteker.tweakblogs.net/blog/11915/hidden-cryptominers-in-game-torrents
Did anyone contacted antivirus companies?

I guess It should be done in good English, here is some places to send the virus alarm:

[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],

web-form:
https://virusdesk.kaspersky.com
http://www.google.com/safebrowsing/report_badware/
http://www.scumware.org/add_url.scumware
http://z-oleg.com/secur/avz/uploadu.php
http://www.siteadvisor.com/sites/domain/writeComments?firstTry=1&section=domainSuggestion
http://www.c-sirt.org/
https://www.badwarebusters.org/community/submit
http://cybertopcops.com/report-malware-sites.php
http://global.sitesafety.trendmicro.com/
http://cybercrime-tracker.net/submit.php
http://app.webinspector.com/
https://analysis.avira.com/ru/submit-urls
https://support.drweb.com/new/urlfilter/
http://www.crdf.us/#contact
http://www.fortiguard.com/contactus.html
http://www.malware.com.br/contrib.shtml
http://www.malwaredomainlist.com/contact.php
https://www.stopbadware.org/report-badware
http://www.abuse.ch/?page_id=4727
https://support.avast.com/Tickets/Submit/RenderForm
http://antivirus.baidu.com/en/submit-url.php
https://analysis.f-secure.com/portal/login.html
 
Last edited by a moderator:
  • Like
Reactions: DrDeepweb

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
Did anyone contacted antivirus companies?

I guess It should be done in good English, here is some places to send the virus alarm:

[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],

web-form:
https://virusdesk.kaspersky.com
http://www.google.com/safebrowsing/report_badware/
http://www.scumware.org/add_url.scumware
http://z-oleg.com/secur/avz/uploadu.php
http://www.siteadvisor.com/sites/domain/writeComments?firstTry=1&section=domainSuggestion
http://www.c-sirt.org/
https://www.badwarebusters.org/community/submit
http://cybertopcops.com/report-malware-sites.php
http://global.sitesafety.trendmicro.com/
http://cybercrime-tracker.net/submit.php
http://app.webinspector.com/
https://analysis.avira.com/ru/submit-urls
https://support.drweb.com/new/urlfilter/
http://www.crdf.us/#contact
http://www.fortiguard.com/contactus.html
http://www.malware.com.br/contrib.shtml
http://www.malwaredomainlist.com/contact.php
https://www.stopbadware.org/report-badware
http://www.abuse.ch/?page_id=4727
https://support.avast.com/Tickets/Submit/RenderForm
http://antivirus.baidu.com/en/submit-url.php
https://analysis.f-secure.com/portal/login.html
I don't think you get it. If someone has an antivirus installed, most of the time it will warn them if they download software through torrents and from a not trusted site, but because they want the software, they bypass the antivirus warning.

So, I'm not sure what you want me to tell these antivirus software companies? :)
 

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
I don't think you get it. If someone has an antivirus installed, most of the time it will warn them if they download software through torrents and from a not trusted site, but because they want the software, they bypass the antivirus warning.

So, I'm not sure what you want me to tell these antivirus software companies? :)
If program has undeclared functionality that harms users (in our case - is using their CPU+GPU power without their permission for DASH mining) - this program can be classified as virus.

After this file's semantics will be added to antivirus databases - all users who is downloading-installing-running this "game" will be warned that they get not just a "game" but "game with built-in virus". It will eliminate the number of users who will run such a game.
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
If program has undeclared functionality that harms users (in our case - is using their CPU+GPU power without their permission for DASH mining) - this program can be classified as virus.

After this file's semantics will be added to antivirus databases - all users who is downloading-installing-running this "game" will be warned that they get not just a "game" but "game with built-in virus". It will eliminate the number of users who will run such a game.
If someone doesn't want their computer to be harmed, they would not download illegal software to begin with, and they would pay attention to their antivirus software warnings... But many people don't care and because they don't want to pay for software, they get whatever is "free" out there, even if their antivirus software tells them not to do it. They will disable the antivirus and get it anyway. I hope you understand this.

We can't fix stupidity, like camosoul said... lol..
 
  • Like
Reactions: TaoOfSatoshi

Jeztah

Active Member
Oct 9, 2014
181
145
103
I'm not liking the silence of the dev-team on this matter, this situation is creating a lot of unrest on both this forum and on the Bitcointalk forum.
A simple "we are working on a solution" would do at this point, just give some feedback to the community.

Is it something that update version 13 can possibly fix ? Has dev-team talked about this internally ? What are our options ?
Doesn't this directly undermine the marketing campaign and dev-team commitment to use that marketing campaign to get a higher Dash price ?
I think it's gone on far too long and we are continually being hurt by this in the markets. I do have to say though that this guy is brilliant for this idea and may even have a built in way to update the code remotely on all his zombies. Changing things on our end may only be a temp fix.

Has anyone traced any of the coins to a wallet....or is (s)he D/S'ing everything?
 

TaoOfSatoshi

Grizzled Member
Jul 15, 2014
2,795
2,614
1,183
Dash Nation
www.dashnation.com
I think it's gone on far too long and we are continually being hurt by this in the markets. I do have to say though that this guy is brilliant for this idea and may even have a built in way to update the code remotely on all his zombies. Changing things on our end may only be a temp fix.

Has anyone traced any of the coins to a wallet....or is he D/S'ing everything?
And in addition, he may have done us a favor, as we get to tackle this problem head-on while the project is still relatively small. This is akin to a hacker revealing an exploit in the code.

If I know this Dev team, a solution to this has been or will be found soon, and we improve Dash again, getting it ready for prime time.
 
  • Like
Reactions: Jeztah

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
  • Like
Reactions: buster

bertlebbert

Active Member
Jul 17, 2014
670
289
133
Other than that the misappropriated hash is directed all at one pool, I don't understand why we care how or where that hash originates - the coins would still be mined... Is it just that we worry to see so many coins in the hands of this 'bad actor'?
 

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
Other than that the misappropriated hash is directed all at one pool, I don't understand why we care how or where that hash originates - the coins would still be mined... Is it just that we worry to see so many coins in the hands of this 'bad actor'?
Because we are losing all "normal miners" - they just can't compete with botnet(-s).

So it is not basically about money, but about fact the DASH (mining) network is being completely captured by centralized botnet operator(-s).
 
Last edited by a moderator:

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
alex-ru - I'm not even sure if this can work, but i'm thinking if we post on their community forums it might get someone's attention. Here's some links to their community:
I don't know about official communities (I think most of them is buying normal game without miners inside), but judging by Russian torrent trackers, It works like this:

1. Most software is distributed by torrents, with "fixes" (so for free). No problems with viruses, miners, ... in 95% cases.
2. As soon as Antivirus starts warning about the downloading file - people start crying on torrent forums "Virus alert inside - don't install it" and so on.
 

bertlebbert

Active Member
Jul 17, 2014
670
289
133
I know myself personally, and I think people generally - would not knowingly install or even d/l infected warez. But since much warez trigger false positives from anti-virus protections, many people often ignore such warning. Problem is so many unwitting users, using public trackers especially (of which there are many) have no idea what they're downloading, or who from.
 

qwizzie

Well-known Member
Aug 6, 2014
1,552
729
183
Because we are losing all "normal miners" - they just can't compete with botnet(-s).

So it is not basically about money, but about fact the DASH (mining) network is being completely captured by centralized botnet operator(-s).
Suppose the GPU miners made a switch to ASIC mining hardware, would that help with more evenly spreading the hashrate or is
current GPU botnet just too massive ?

link:

https://medium.com/@soleoshao/asic-dash-miner-is-in-town-f6b833d3fdcc
http://pinidea.io/
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183

alex-ru

Grizzled Member
Dash Support Group
Jul 14, 2014
2,374
3,242
1,183
Suppose the GPU miners made a switch to ASIC mining hardware, would that help with more evenly spreading the hashrate or is
current botnet just too massive ?

link:
https://medium.com/@soleoshao/asic-dash-miner-is-in-town-f6b833d3fdcc
http://pinidea.io/
"Normal miner" (with or without ASICs) should always care about being profitable - to compensate electricity, equipment, ... expenses.
"Unnormal miner" (botnets) have no expenses - so no ASICs can beat them (but may help a little bit...). The problem is miners wouldn't invest into ASICs if they can't recoup it's cost.
 

qwizzie

Well-known Member
Aug 6, 2014
1,552
729
183
"Normal miner" (with or without ASICs) should always care about being profitable - to compensate electricity, equipment, ... expenses.
"Unnormal miner" (botnets) have no expenses - so no ASICs can beat them (but may help a little bit...). The problem is miners wouldn't invest into ASICs if they can't recoup it's cost.
I'm starting to think there is only one true effective solution to our current hashrate problem, build in the possibility to blacklist any offending actor
(Pool / Miner reaching more then 50% of total hashpower) on Dash blockchain level. What if that botnet or any future botnets decide to use a pool
which isn't as ethical as coinmine.pl ? I also think this should be top priority for the dev-team if it isn't already or inform us how they look at it in terms of priority
 
Last edited by a moderator:
  • Like
Reactions: drkhouse and Jeztah

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
"Normal miner" (with or without ASICs) should always care about being profitable - to compensate electricity, equipment, ... expenses.
"Unnormal miner" (botnets) have no expenses - so no ASICs can beat them (but may help a little bit...). The problem is miners wouldn't invest into ASICs if they can't recoup it's cost.
I don't condone botnets, but I'm surprised there's not another hacker in our midst who can create one or more botnets to make the distribution a bit better.. lol..
ping poiuty ... ;)
 

crowning

Well-known Member
May 29, 2014
1,415
1,997
183
Alpha Centauri Bc
Hmh, the link shows an USB stick with an ALTERA Cyclone IV FGPA. I pretty much doubt that you can overclock this thing to 400 MHz (standard clock is 40 MHz if I remember correctly), but who am I to doubt those numbers.

And I think I remember someone telling me that it's a bit smallish for X11. And I think I remember this thread https://dashtalk.org/threads/darkcoin-fpga-mining-co-op.836/ .


BTW, a FPGA is no ASIC.
 
Last edited by a moderator:

raganius

cryptoPag.com
Foundation Member
Masternode Owner/Operator


It makes me think: Even though mining pools are a good way to spread miners risk (and small miners inclusion), the only thing it actually seems to be promoting is hashrate concentration. This way, hurting decentralisation. Endangering, in theory, the profits of the same miners, in the long run, simply because these miners seem to be motivated by short-term gains selfish-recklessness decisions (a real tragedy of the commons situation).

So, it seems, mining pools will tend to form mining cartels (extremelly dangerous), a situation opposite to the "satoshi" goals/philosphy. (Sorry if I am speaking non-sense, but that's how I am feeling after all that's been going on on our network).

Is the "no pools allowed" solution an acceptable topic for the DASH community? Can the DASH community start thinking about a solution to make mining pools impossible in our network?

What I need to know, beforehand is:
  • Is this "no pools" talk a taboo for us?
  • Technically, is it possible to implement this no-pool policy?
 

qwizzie

Well-known Member
Aug 6, 2014
1,552
729
183
we dont really have a taboo here but i think we will need the POW part as it strengthen our Multi-tier system.
we just need to figure out a way to balance those pools a bit more.
 
  • Like
Reactions: raganius

raganius

cryptoPag.com
Foundation Member
Masternode Owner/Operator
we dont really have a taboo here but i think we will need the POW part as it strengthen our Multi-tier system.
we just need to figure out a way to balance those pools a bit more.
Sure, I am totally pro PoW, because it has shown to be trustworthy. But (as a layman) I'd like to know if it is technically possible for the network to be pool-free, and if not having pools would be a viable solution after all (if it would not do more harm than good).

I "see" these possible future "mining cartels" as a huge problem, because they could control everything on the network, like enforcing a "minimal extortional fee", or blackmailing and excluding nodes or transacions, etc. But I have no technical basis at all... just speculation.
 

qwizzie

Well-known Member
Aug 6, 2014
1,552
729
183
Sure, I am totally pro PoW, because it has shown to be trustworthy. But (as a layman) I'd like to know if it is technically possible for the network to be pool-free, and if not having pools would be a viable solution after all (if it would not do more harm than good).

I "see" these possible future "mining cartels" as a huge problem, because they could control everything on the network, like enforcing a "minimal extortional fee", or blackmailing and excluding nodes or transacions, etc. But I have no technical basis at all... just speculation.
I suspect (thats just a theory though) that the proof of service / masternode network in the near future will have a lot more control over proof of work,
i just hope its rather sooner then later as i think its important this gets handled as soon as possible.

quote from Evan on i think the Bitcointalkforum with regards to the Big Thing (TM) that's coming :
The goal is to make a confirmationless wallet, where all transactions are protected by IX. 51% attacks become much less powerful in that case, they can't really touch IX. That would protect our millions of users we're currently shooting for (valid / non-illegal users btw), which leaves an attacker one option... to buy masternodes to attack Dash. We know how that will go.

We really do have an end-to-end solution to all problems within crypto now. I'm working on a 50+ page whitepaper that details the rest of the solution, I'm quite excited about it Grin

Here's another one for good measure. We have sub-quorums for super secure tasks, but we could implement full-quorum based actions the masternode network can take as a whole. For example, banning attacking pools from the network, people, countries, etc.
That last part (the quote) could explain why the dev-team is not making any specific comments on this pool situation at this time .. the solution could be part of the yet
undisclosed whitepaper(s)
 
Last edited by a moderator:

camosoul

Grizzled Member
Sep 19, 2014
2,265
1,130
1,183
I think it's gone on far too long and we are continually being hurt by this in the markets. I do have to say though that this guy is brilliant for this idea and may even have a built in way to update the code remotely on all his zombies. Changing things on our end may only be a temp fix.

Has anyone traced any of the coins to a wallet....or is (s)he D/S'ing everything?
Someone putting in that kind of effort to mine DASH must think it's valuable... The markets are full of dumb crack addicts who can't read the signs...
 
  • Like
Reactions: Jeztah

camosoul

Grizzled Member
Sep 19, 2014
2,265
1,130
1,183
I suspect (thats just a theory though) that the proof of service / masternode network in the near future will have a lot more control over proof of work,
i just hope its rather sooner then later as i think its important this gets handled as soon as possible.

quote from Evan on i think the Bitcointalkforum with regards to the Big Thing (TM) that's coming :


That last part (the quote) could explain why the dev-team is not making any specific comments on this pool situation at this time .. the solution could be part of the yet
undisclosed whitepaper(s)
I never understood why the masternodes themselves can't facilitate a distributed gateway type thing for mining to eliminate both, the problem of consolidation, and the potential for exactly this 51% business.

No need to pay the MNs any more. And the Miners can finally thank the Masternodes instead of calling it a tax... It makes sense... From the miners' limited, narrow perspective, they may as well get something for giving up that block reward, eh?

Proof of Work is essential. The fact that DASH still isn't an integral hybrid proof bothers me much more than the 51%+ situation... We have a 10 deep agreed vote queue... A unique hash dependent upon that could be part of the block proof. I realize that the way that is done might change, and upset the whole apple cart, which is why it hasn't been implemented. But someday, the best solution has to be found and nailed down. Then the block proof can finally be integrated.