[nullc]

A large portion of a nodes connections live as long as possible given the uptime of the connected nodes. Care is taken it protect long working connections to provide as strong a protection against new and short lived attacks as possible-- a working network should stay working. A sustained attack can frustrate newly connecting/restarting hosts when the recipient is publicly reachable and known to the attacker, but I think that's essentially insoluble (if nothing else, a volumetric attack would guarantee it).

If you're going to be making announcements and whatever, you probably should have taken the time to characterize your observations completely! The failure to do so makes it kinda just look like more lamesauce attempts at market manipulation (not to lob an accusation, it's just what it looks like -- there is a long history of that kind of activity).

> it's too early, at least for me, to know whether peers would drop a node under attack over timeouts,

Do your homework! You're not the first person who ever thought of attacking a bitcoin node. While I'm sure there are areas for improvement, you're not likely to be able to make useful suggestions from a position of almost total ignorance.

[pbear2k21]

>Do your homework! You're not the first person who ever thought of attacking a bitcoin node. While I'm sure there are areas for improvement, you're not likely to be able to make useful suggestions from a position of almost total ignorance.

again, i've successfully found remote crashes and dos issues in 25 - 30 blockchains. i don't care if you're a biased developer who takes this to heart. i'm going to see to brutalizing bitcoind and making it clear to you what happens when i attack nodes. cocky academics like you motivate me. he who laughs last etc.

[nullc]

Fantastic, I'm sure the bitcoin developers will appreciate the free labor. But if you care you have any reputation as anything but a hotheaded fool-- you should probably tone the public announcements down until you've actually completed your work! Otherwise, even when you do carry work though until you find something interesting (and I'm sure you would if you work at it long enough)-- you'll still have earned a poor reputation regardless.

[pbear2k21]

i don't guard my reputation. this isn't 48 laws of power. i'd never become a blockchain socialite to the extent of social climbing to become blockstream's cto. i answer to no one and don't try to mold how others perceive me. interesting insults though - though i can assure you wholeheartedly that you don't want to make it personal. just so you know where you stand, who i am and who pulls rank on who. i rce'd slack too. bitcoin is food now. there is a dos here regardless - but thanks for the motivation

[dgislame]

Haha. Typical digitalgangster/aoler/irc kiddie behavior. You are no one. You have no power. Your obsession with vanity handles shows who you are and what you're about. Making an announcement on a non-bug when you don't know about slowloris style attacks or how a one-liner derails your entire existence is just sad.

This is a great opportunity to get your ego in check. If you're really interested in security, follow the right path. No one here is impressed that you RCE'd slack (likely using someone else's research, and exploit dev nonetheless). No one is impressed with your Twitter or livejournal handle. And btw fuck anti and rj2 and the rest of those spam/scammers.

You probably smell bad. Dork.