public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [Bitcoin-development] Area of Focus
@ 2014-12-20  7:42 Will Bickford
  2014-12-20  8:57 ` Matt Corallo
  2014-12-20 21:26 ` Jeff Garzik
  0 siblings, 2 replies; 9+ messages in thread
From: Will Bickford @ 2014-12-20  7:42 UTC (permalink / raw)
  To: bitcoin-development

[-- Attachment #1: Type: text/plain, Size: 438 bytes --]

Hi all, I'm looking to help with Bitcoin core development in my spare time
(a few hours per week).

A little bit about me:
* I use C++ and Qt daily
* I love to automate and enhance software systems
* I enjoy root causing and fixing issues

I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
I'm curious where I can make the best impact. Any feedback would be
appreciated. Thanks!

Will Bickford
"In Google We Trust"

[-- Attachment #2: Type: text/html, Size: 640 bytes --]

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20  7:42 [Bitcoin-development] Area of Focus Will Bickford
@ 2014-12-20  8:57 ` Matt Corallo
  2014-12-20 10:08   ` Roy Badami
  2014-12-20 18:27   ` Christian Decker
  2014-12-20 21:26 ` Jeff Garzik
  1 sibling, 2 replies; 9+ messages in thread
From: Matt Corallo @ 2014-12-20  8:57 UTC (permalink / raw)
  To: bitcoin-development

There was recently some discussion around dnsseeds. Currently some
dnsseeds are getting blocked by ISPs because the hosts they pick up
(which run bitcoin core nodes) often run rather web servers alongside
which serve malware or whatever else and thus end up on IP-based malware
blacklists.

Of course we really dont want to move off of DNS because it has this big
built-in anonymity network where the DNS seed servers only get
information about your ISP, not you, and its cached so you dont get as
much information about how many users are making those requests.

A potential solution might be supporting some subdomain which has
results XORed with some constant mask to tweak the real IP.

Additionally, it might be cool to stuff a TXT/AAAA/whatever record with
a signature of the results provided by the DNSseed operator.

Matt

On 12/20/14 07:42, Will Bickford wrote:
> Hi all, I'm looking to help with Bitcoin core development in my spare
> time (a few hours per week).
> 
> A little bit about me:
> * I use C++ and Qt daily
> * I love to automate and enhance software systems
> * I enjoy root causing and fixing issues
> 
> I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
> I'm curious where I can make the best impact. Any feedback would be
> appreciated. Thanks!
> 
> Will Bickford
> "In Google We Trust"
> 
> 
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> 
> 
> 
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20  8:57 ` Matt Corallo
@ 2014-12-20 10:08   ` Roy Badami
  2014-12-20 11:14     ` Jeremy Spilman
  2014-12-20 18:27   ` Christian Decker
  1 sibling, 1 reply; 9+ messages in thread
From: Roy Badami @ 2014-12-20 10:08 UTC (permalink / raw)
  To: Matt Corallo; +Cc: bitcoin-development

Why would we want to have anything to do with people who are hosting
malware?  Or do I misunderstand?

On Sat, Dec 20, 2014 at 08:57:53AM +0000, Matt Corallo wrote:
> There was recently some discussion around dnsseeds. Currently some
> dnsseeds are getting blocked by ISPs because the hosts they pick up
> (which run bitcoin core nodes) often run rather web servers alongside
> which serve malware or whatever else and thus end up on IP-based malware
> blacklists.
> 
> Of course we really dont want to move off of DNS because it has this big
> built-in anonymity network where the DNS seed servers only get
> information about your ISP, not you, and its cached so you dont get as
> much information about how many users are making those requests.
> 
> A potential solution might be supporting some subdomain which has
> results XORed with some constant mask to tweak the real IP.
> 
> Additionally, it might be cool to stuff a TXT/AAAA/whatever record with
> a signature of the results provided by the DNSseed operator.
> 
> Matt
> 
> On 12/20/14 07:42, Will Bickford wrote:
> > Hi all, I'm looking to help with Bitcoin core development in my spare
> > time (a few hours per week).
> > 
> > A little bit about me:
> > * I use C++ and Qt daily
> > * I love to automate and enhance software systems
> > * I enjoy root causing and fixing issues
> > 
> > I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
> > I'm curious where I can make the best impact. Any feedback would be
> > appreciated. Thanks!
> > 
> > Will Bickford
> > "In Google We Trust"
> > 
> > 
> > ------------------------------------------------------------------------------
> > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> > from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> > with Interactivity, Sharing, Native Excel Exports, App Integration & more
> > Get technology previously reserved for billion-dollar corporations, FREE
> > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> > 
> > 
> > 
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development@lists•sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> > 
> 
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20 10:08   ` Roy Badami
@ 2014-12-20 11:14     ` Jeremy Spilman
  2014-12-20 21:20       ` Matt Corallo
  2014-12-20 21:30       ` Gregory Maxwell
  0 siblings, 2 replies; 9+ messages in thread
From: Jeremy Spilman @ 2014-12-20 11:14 UTC (permalink / raw)
  To: bitcoin-development

On Sat, Dec 20, 2014 at 08:57:53AM +0000, Matt Corallo wrote:
>> There was recently some discussion around dnsseeds. Currently some
>> dnsseeds are getting blocked by ISPs because the hosts they pick up
>> (which run bitcoin core nodes) often run rather web servers alongside
>> which serve malware or whatever else and thus end up on IP-based malware
>> blacklists.

On Sat, 20 Dec 2014 02:08:17 -0800, Roy Badami <roy@gnomon•org.uk> wrote:
> Why would we want to have anything to do with people who are hosting
> malware?  Or do I misunderstand?

It sounds like Matt is saying the nodes the dnsseed is pointing to as  
valid full nodes, that those IPs are hosting the malware. Since the  
dnsseed picks up any stable nodes it can find without auditing, it's  
perhaps not surprising some servers in the world are running a full node  
and a malware server together.

I guess what confused me about this though, how are ISPs reading the  
dnsseed's node list, scanning *those* IPs for malware, and then ending up  
blocking the dnsseed? Seems like a pretty winding path to end up blocking  
a DNS server?

Since when do ISPs null-route a DNS server for happening to resolve some  
domains to IPs which happen to also be hosting some malware? Null-route  
those endpoint IPs sure, but the DNS server too? I guess there was that  
incident of Microsoft taking over No-IP.com -- are dnsseeds being blocked  
ostensibly because they are acting as dyanamic DNS infrastructure for  
malware sites?




^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20  8:57 ` Matt Corallo
  2014-12-20 10:08   ` Roy Badami
@ 2014-12-20 18:27   ` Christian Decker
  1 sibling, 0 replies; 9+ messages in thread
From: Christian Decker @ 2014-12-20 18:27 UTC (permalink / raw)
  To: Matt Corallo; +Cc: Bitcoin Development

Thanks for bringing this to my attention.

I added a safety check to my crawler and seed.bitcoinstats.com should
not return IPs that also run HTTP or HTTPS, hopefully this'll keep it
off blacklists :-)
--
Christian Decker


On Sat, Dec 20, 2014 at 9:57 AM, Matt Corallo <bitcoin-list@bluematt•me> wrote:
> There was recently some discussion around dnsseeds. Currently some
> dnsseeds are getting blocked by ISPs because the hosts they pick up
> (which run bitcoin core nodes) often run rather web servers alongside
> which serve malware or whatever else and thus end up on IP-based malware
> blacklists.
>
> Of course we really dont want to move off of DNS because it has this big
> built-in anonymity network where the DNS seed servers only get
> information about your ISP, not you, and its cached so you dont get as
> much information about how many users are making those requests.
>
> A potential solution might be supporting some subdomain which has
> results XORed with some constant mask to tweak the real IP.
>
> Additionally, it might be cool to stuff a TXT/AAAA/whatever record with
> a signature of the results provided by the DNSseed operator.
>
> Matt
>
> On 12/20/14 07:42, Will Bickford wrote:
>> Hi all, I'm looking to help with Bitcoin core development in my spare
>> time (a few hours per week).
>>
>> A little bit about me:
>> * I use C++ and Qt daily
>> * I love to automate and enhance software systems
>> * I enjoy root causing and fixing issues
>>
>> I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
>> I'm curious where I can make the best impact. Any feedback would be
>> appreciated. Thanks!
>>
>> Will Bickford
>> "In Google We Trust"
>>
>>
>> ------------------------------------------------------------------------------
>> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
>> with Interactivity, Sharing, Native Excel Exports, App Integration & more
>> Get technology previously reserved for billion-dollar corporations, FREE
>> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
>>
>>
>>
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists•sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20 11:14     ` Jeremy Spilman
@ 2014-12-20 21:20       ` Matt Corallo
  2014-12-20 21:30       ` Gregory Maxwell
  1 sibling, 0 replies; 9+ messages in thread
From: Matt Corallo @ 2014-12-20 21:20 UTC (permalink / raw)
  To: bitcoin-development

Well, some ISPs, when they see an IP address serving malware, will
(apparently) simply replace DNS results for anything returning that IP
with a warning page.

One solutions is to just blindly block everything with HTTP(S), as
Christian has done, but this is a rather ugly solution, since many
perfectly good nodes will get caught in the crossfire. Hiding what
actual IPs we're returning in the results seems much cleaner, despite
being an ugly hack.

On 12/20/14 11:14, Jeremy Spilman wrote:
> On Sat, Dec 20, 2014 at 08:57:53AM +0000, Matt Corallo wrote:
>>> There was recently some discussion around dnsseeds. Currently some
>>> dnsseeds are getting blocked by ISPs because the hosts they pick up
>>> (which run bitcoin core nodes) often run rather web servers alongside
>>> which serve malware or whatever else and thus end up on IP-based malware
>>> blacklists.
> 
> On Sat, 20 Dec 2014 02:08:17 -0800, Roy Badami <roy@gnomon•org.uk> wrote:
>> Why would we want to have anything to do with people who are hosting
>> malware?  Or do I misunderstand?
> 
> It sounds like Matt is saying the nodes the dnsseed is pointing to as  
> valid full nodes, that those IPs are hosting the malware. Since the  
> dnsseed picks up any stable nodes it can find without auditing, it's  
> perhaps not surprising some servers in the world are running a full node  
> and a malware server together.
> 
> I guess what confused me about this though, how are ISPs reading the  
> dnsseed's node list, scanning *those* IPs for malware, and then ending up  
> blocking the dnsseed? Seems like a pretty winding path to end up blocking  
> a DNS server?
> 
> Since when do ISPs null-route a DNS server for happening to resolve some  
> domains to IPs which happen to also be hosting some malware? Null-route  
> those endpoint IPs sure, but the DNS server too? I guess there was that  
> incident of Microsoft taking over No-IP.com -- are dnsseeds being blocked  
> ostensibly because they are acting as dyanamic DNS infrastructure for  
> malware sites?
> 
> 
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> 



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20  7:42 [Bitcoin-development] Area of Focus Will Bickford
  2014-12-20  8:57 ` Matt Corallo
@ 2014-12-20 21:26 ` Jeff Garzik
  2014-12-20 22:37   ` Will Bickford
  1 sibling, 1 reply; 9+ messages in thread
From: Jeff Garzik @ 2014-12-20 21:26 UTC (permalink / raw)
  To: Will Bickford; +Cc: Bitcoin Dev

[-- Attachment #1: Type: text/plain, Size: 1957 bytes --]

Getting back to the original topic...

I would recommend first taking a look at how the current tests are built
(via autoconf/automake) in src/test.  There are several surfaces to test,
RPC, REST, P2P, internal unit tests, and more.  Then, Travis applies a
second level of testing via the bitcoinj-based regression tests.

Some automated tests that operate at the Qt level would be interesting.  In
general, the current tests only scratch the surface of what Needs To Be
Tested...  but part of figuring out a good test is (a) knowing bitcoin and
(b) knowing the current test regimes.

Join #bitcoin-dev IRC and ask questions.  Read the bitcoin wiki.




On Sat, Dec 20, 2014 at 2:42 AM, Will Bickford <wbic16@gmail•com> wrote:
>
> Hi all, I'm looking to help with Bitcoin core development in my spare time
> (a few hours per week).
>
> A little bit about me:
> * I use C++ and Qt daily
> * I love to automate and enhance software systems
> * I enjoy root causing and fixing issues
>
> I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
> I'm curious where I can make the best impact. Any feedback would be
> appreciated. Thanks!
>
> Will Bickford
> "In Google We Trust"
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

-- 
Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc.      https://bitpay.com/

[-- Attachment #2: Type: text/html, Size: 3006 bytes --]

^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20 11:14     ` Jeremy Spilman
  2014-12-20 21:20       ` Matt Corallo
@ 2014-12-20 21:30       ` Gregory Maxwell
  1 sibling, 0 replies; 9+ messages in thread
From: Gregory Maxwell @ 2014-12-20 21:30 UTC (permalink / raw)
  To: Jeremy Spilman; +Cc: Bitcoin Development

On Sat, Dec 20, 2014 at 11:14 AM, Jeremy Spilman <jeremy@taplink•co> wrote:
>> are dnsseeds being blocked
> ostensibly because they are acting as dyanamic DNS infrastructure for
> malware sites?

Pretty much appears to be the case. In every instance it appears to be
automated. This predates the msft no-ip.com stuff.
We also had similar problems with the IRC based method that the
software originally used.

It's the same story for mail relay spam blacklisting.  There is a
whole industry out there selling people semi-snake-oil blocking
solutions to make the baddness of the internet go away. The low margin
business demands a cheap and highly automated approach... lots of
inappropriate things get blocked. Nagging people to fix things is time
consuming, better to move out of their sights a bit, so that they at
least have to specifically target Bitcoin. If they do, it'll at least
be worth the time spent fixing it.

I believe opendns is blocking all of sipa.be still as we speak, so if
you'd like to see it for yourself try to load http://bitcoin.sipa.be
while using opendns.



^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [Bitcoin-development] Area of Focus
  2014-12-20 21:26 ` Jeff Garzik
@ 2014-12-20 22:37   ` Will Bickford
  0 siblings, 0 replies; 9+ messages in thread
From: Will Bickford @ 2014-12-20 22:37 UTC (permalink / raw)
  To: Jeff Garzik; +Cc: Bitcoin Dev

[-- Attachment #1: Type: text/plain, Size: 2174 bytes --]

Thanks Jeff. I'll start looking there.

Will Bickford
"In Google We Trust"

On Sat, Dec 20, 2014 at 3:26 PM, Jeff Garzik <jgarzik@bitpay•com> wrote:

> Getting back to the original topic...
>
> I would recommend first taking a look at how the current tests are built
> (via autoconf/automake) in src/test.  There are several surfaces to test,
> RPC, REST, P2P, internal unit tests, and more.  Then, Travis applies a
> second level of testing via the bitcoinj-based regression tests.
>
> Some automated tests that operate at the Qt level would be interesting.
> In general, the current tests only scratch the surface of what Needs To Be
> Tested...  but part of figuring out a good test is (a) knowing bitcoin and
> (b) knowing the current test regimes.
>
> Join #bitcoin-dev IRC and ask questions.  Read the bitcoin wiki.
>
>
>
>
> On Sat, Dec 20, 2014 at 2:42 AM, Will Bickford <wbic16@gmail•com> wrote:
>
>> Hi all, I'm looking to help with Bitcoin core development in my spare
>> time (a few hours per week).
>>
>> A little bit about me:
>> * I use C++ and Qt daily
>> * I love to automate and enhance software systems
>> * I enjoy root causing and fixing issues
>>
>> I saw Gavin say we needed help with testing in a Reddit AMA a while ago.
>> I'm curious where I can make the best impact. Any feedback would be
>> appreciated. Thanks!
>>
>> Will Bickford
>> "In Google We Trust"
>>
>>
>> ------------------------------------------------------------------------------
>> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
>> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
>> with Interactivity, Sharing, Native Excel Exports, App Integration & more
>> Get technology previously reserved for billion-dollar corporations, FREE
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists•sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>
> --
> Jeff Garzik
> Bitcoin core developer and open source evangelist
> BitPay, Inc.      https://bitpay.com/
>

[-- Attachment #2: Type: text/html, Size: 3635 bytes --]

^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2014-12-20 22:38 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-20  7:42 [Bitcoin-development] Area of Focus Will Bickford
2014-12-20  8:57 ` Matt Corallo
2014-12-20 10:08   ` Roy Badami
2014-12-20 11:14     ` Jeremy Spilman
2014-12-20 21:20       ` Matt Corallo
2014-12-20 21:30       ` Gregory Maxwell
2014-12-20 18:27   ` Christian Decker
2014-12-20 21:26 ` Jeff Garzik
2014-12-20 22:37   ` Will Bickford

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox