Preventing is undoable and probably not even desirable. unethically-sourced is pretty vague, and its a thin line between a bot net, a borrowed, or rented PC.

However I wonder if there is a way we could help identify the victims of a bitcoin botnet somehow.  It may not be "bitcoin's job", but I also see no reason why we would not want to help law enforcement and AV companies to identify and take down these botnets. It would be good for bitcoin, and for the victims of these botnets.

I know luke published a patch that logs the IP of the relaying node, so that could be used to home in on the proxy being used to relay these blocks. Thats not a bad idea, but will probably not do a whole lot, as he switches proxies every few weeks. And its just a relaying proxy anyway, and most likely not the C&C node. Perhaps someone can think of a way to take it a step further to positively identify the IP of the machine that actually mined the bloc by somehow including it in the blockchain? Or of the machine that created the getworks ?

Just thinking out loud here.

Simply requiring 2+ tx per block is beyond useless.  Mystery could circumvent that in a day or less (or at least I could).

Absolutely right, I had Homer Simpson moment while writing that 

Read more carefully:




I agree that it's a longshot for the ISP to pass a message to their customer, but if Mystery keeps using new relays we may eventually get one that will work with us.

Of course, the end result is we just get a long list of IPs.  Tracking those down and notifying them is an uphill battle, and not worth my time, but if other people are up to it I'm happy to help get them a hit list.

Thank you very much for the re-explaination of the problem, much appreciated.
Is it possible to have the dump of those excluded blocks so to reply them for client development and verify the correctness of chain reorg?

I'm inclined to think that MM could do this "attack" only because no blocks were found in the whole network for around an hour, but I suppose this is statistically irrelevant, so I don't think this is a problem.

Also, I don't think that the date of the block is relevant too: the longest chain wins anyway, and a different time stamp would had no effect on the reorganisation of the chain, isn't?

Is it even possible? The network only hears from a compromised machine when it finds a block, and that machine will probably never find another block. It never hears from the 999,999 compromised machines that are CPU-mining and haven't found a block, yet any of those silent machines might be the one that finds the next block.

Considering the rate of 1txn blocks, wasn't it statistically inevitable that this would happen? I'd say that only if it happens again and we do the math and find that it is happening at a rate that is extremely unlikely by chance should we consider this to be "enemy action".

Another flaw here besides what would happen if the price crashes and many people stop mining: Drive the price up and MM has even more money at his disposal to extend his mining operation even faster (buy new fpgas, etc)! Considering falling subsidies for solar power, it could also be a solar park in Spain with an abundance of electricity.

In contrast to others I don't think ignoring it would be the best idea. Having read the Reuters article from today I'm wondering are we really so naive to think banking cartels are aware of Bitcoin and will continue to consider it too small to be a threat?

It could be an entity who is backed by a financial institution, government, or a billionaire who uses the system against itself. Reinvest revenues directly into more mining power until it passes the 51%. Then what? Game over? (Banking)-Terrorists win.

Edit: Fixed some typos.

I'm not worried about the idea. I'm worried about Bitcoin. It won't help us if we have invested our money in BTC. You and me likely won't trust 'BTC2' if 'BTC' fails, or would we? Such a failure would kill most of the trust in such a currency for a very long time. Long enough for banks to come up with their own system. What is to stop banks from copying this type of transaction verification system anyway? It won't be democratic, but it will probably 'work'. Even worse, they already have the trust of most people since everybody needs to rely on them (who doesn't need a bank nowadays besides cellphone-banking Africans?). Last time I checked the news, they are also trusted by the world's governments in the sphere of trillion dollar bail-out packages. All I'm saying is we might not get a second chance. Bitcoin should better not fail. Even if banks can't kill it, I'm certain they will try hard to somehow corrupt it.