On Tue, Mar 12, 2013 at 8:10 AM, Luke-Jr <luke@dashjr.org> wrote:

I think we should be careful not to downplay the reality either.
For a number of hours, transactions could have received up to N confirmations
and then still been reversed. While we could contact the bigger payment
processors, I saw people still trying to buy/sell on OTC, whom could have been
scammed even by taking standard precautions.

I don't want to misrepresent what happened, but how much of that was really a risk?  The block was rejected, but the transactions were not.  Any valid transactions to hit the network would get added to everyone's memory pool and mined in both chains.  Thus all nodes would still reject double-spend attempts.  As far as I understood it, you would've had to have majority mining power on one of the chains (and both had non-negligible computing power on them), so double-spending still required an exceptional amount of resources -- just not the normal 50% that is normally needed.  Perhaps... 10%?   But how many people can even have 10%?  In addition to that, a victim needs to be found that hasn't seen the alert, is willing to execute a large transaction, and is on the wrong side of the chain.

Is this incorrect?  Yes, there was less resources needed to execute an attack -- but it still required a very powerful attacker, way outside the scope of "regular users."

 

------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the
endpoint security space. For insight on selecting the right partner to
tackle endpoint security challenges, access the full report.
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development