Older blog entries for amatus (starting at number 40)

Reshared post from JP Sugarbroad It's happening.

It's happening.

World IPv6 Launch
This Time it is for Real. 6 JUNE 2012. Major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IP...

Syndicated 2012-05-15 20:34:48 from Plus Public Activity Feed for David Barksdale

Seems like it's better than death... maybe.

Seems like it's better than death... maybe.

Syndicated 2012-05-14 23:40:35 from Plus Public Activity Feed for David Barksdale

Reshared post from Zooko Wilcox-O'Hearn introduction Someone is posting to reddit claiming to...

introduction

Someone is posting to reddit claiming to be a malware author, botnet operator, and that they use their Botnet to mine Bitcoin: ¹.

I asked them a question about the economics of using a Botnet for the Bitcoin distributed transaction-verification service ("Bitcoin mining"): ².

They haven't provided any proof of their claims, but on the other hand what they write and how they write it sounds plausible to me.


details

Here are my notes where I try to double-check their numbers and see if they make sense.

They in their initial post ¹ that they do 13-20 gigahashes/sec of work on the Bitcoin distributed transaction verification service.

The screenshot they provided ³ shows 10.6 gigahashes/sec (GH/s) in progress, and that they're using a mining pool named BTCGuild. According to this chart of mining pools ⁴, BTCGuild currently totals about 12.5% of all known hashing power, and according to ⁵ the current total hashing power on the network is about 12.5 terahashes/sec (TH/s), so BTCGuild probably accounts for about 1.5 TH/s.

They say that their Botnet has about 10,000 bots. The screen shot shows a count of "total bots" = 12,000 and "connected in the last 24 hours" = 3500. This ratio of total bots to bots connected in the last 24 hours is consistent with other reports I've read of Botnets ⁶, and also consistent with my experience in p2p networking. The number of "live bots" available at any one time for this Botnet herder should probably average out to somewhere between 350 and 550. Let's pick 500 as an easy number to work with. Does it makes sense that 500 bots could generate 10 GH/s? That's 20 MH/s per live bot. According to the Bitcoin wiki's page on mining hardware ⁷, a typical widely-available GPU should provide about 200 MH/s. Hm, so they are claiming only 1/10 the total hashpower that our back-of-the-envelope estimates would assign to them. Here is an answer they give to another person's question that sheds light on this: ⁸.

Q: "Isn't Bitcoin mining pretty resource intensive on a computer? Like to the point someone would notice something is up on their system form it slowing eveyrthing down?"

A: "My Botnet only mines if the computer is unused for 2 minutes and if the owner gets back it stops mining immidiatly, so it doesn't suck your fps at MW3. Also it mines as low priority so movies don't lag. I also set up a very safe threshold, the cards work at around 60% so they don't get overheated and the fans don't spin as crazy."

It sounds plausible to me that those stealth measures could cut the throughput by 10 compared to running flat-out 24/7. Also it isn't clear if the botnet counts computers that don't have a GPU at all, or don't have a usable one. Maybe such computers are rare nowadays? Anyway if they are counted in there then that would be another reason why the hashing throughput per bot is lower than I calculated.

In answer to another question ¹⁰, they said they get a steady $40/day from running the Bitcoin transaction-confirmation ("mining") service. According to this chart ¹¹ from ¹², the current U.S. Dollar value of Bitcoin mining is (or was a couple of days ago when they wrote that) about $0.33 per day for 100 MH/s. Multiplying that out by their claim of 10.6 GH/s results in $35/day. So that adds up, too.

(Note that it sounds like their primary business is stealing and selling credit card numbers, and the Bitcoin transaction-verification service is a sideline.)

I don't see a reason to doubt that they really generate about 10.6 GH/s of the Bitcoin distributed transaction verification service.

My primary question is: if this is profitable on a per-bot basis, then why don't they scale up their operation? Of course, the answer to this presumably sheds light on the related question of why competitors of theirs don't launch similar operations. Perhaps one limiting factor is that the larger your Botnet, the more likely you'll be arrested by police or extorted by competitors. That may be a limiting factor that this person doesn't yet know about or doesn't like to think about. They mentioned ⁹ that most of their fellow cybercriminals are "too inexperienced to accept Bitcoin", so it may be that this person is just ahead of the curve and more people will launch operations like this in the future.

That's the question that I asked them on reddit—why don't they scale up? They haven't yet replied to my question, but they earlier mentioned in response to a different question ⁹:

Q: "How many botted machines do you typically gain per month or per campaign."

A: "about 500-1000 a day, weekends more. I'm thinking about just buying them in bulks and milking them for bitcoins. Asian installs are very cheap, 15$/1000 installs and have good GPUs."

If they're really gaining 500 to 1000 new bots per day but they have a total of only 12,000 then either their operation is rapidly expanding, or the attrition rate is similarly high as the acquisition rate.


the bottom line and my take

I don't see any reason to doubt that this is real, and that this person with their Botnet is responsible for about 0.08% (i.e. less than 1/1000 — not 8%!) of the total Bitcoin distributed transaction-verification service, and that they profit for it at the rate of about $35 per day.

There's one open question in my mind about whether this particular operator is currently rapidly expanding (adding 1000 bots per day to their network of 12,000 bots) or if the attrition rate of bots departing from the 12,000-node network is close to 1000 per day.

If the $35/day revenue is really mostly profit (i.e., they don't have to spend so much time maintaining their 12,000-node Botnet that they forego more profitable activities, like stealing more credit cards or finishing their homework), I would expect them and others like them to turn more and more bots to this purpose.

However, the nature of Bitcoin is that all providers of distributed transaction-confirmation service are in competition with one another. In the two weeks since this post went up on reddit, people around the globe deployed about 2 TH/s more hash power (see this graph of aggregate Bitcoin hash power ⁵), which cut the profitability of this one person's operation from $35.00/day to $30.00/day. If more and more Botnet operators get into the Bitcoin mining game, they will reduce the profitability of Bitcoin mining. (As well as competing with each other for access to victim computers, which has got to be a limited resources, right? Right? Or is there just a practically infinite supply of vulnerable computers waiting to be tapped if only someone can find a way to profit from them?)

In parallel, the legitimate Bitcoin miners appear to be continuing to roll out new distributed transaction-verification service on their own hardware. Here is a recent post by "Bitcoinminer" about commercial Bitcoin farms based on GPU: ¹³. The operation spotlighted in that post apparently delivers 100 GH/s (about 10X that of our Botnet herder). At the same time, sales of FPGA-based Bitcoin devices appear to be booming. I wrote a post about that: ¹⁴. You'll have to scroll down through extensive discussion to find where I summarized the numbers, but in summary it appears that people are in the process of investing half a million USD in Bitcoin FPGA which, when all deployed, will deliver around 430 GH/s.

I think there may be a kind of "Game of Chicken" going on: if someone makes a convincing show of investing in Bitcoin mining then they may deter other people from getting into the game and dividing up the profits. That may be the subtext of Bitcoinminer's blog post—he may be trying to discourage competitors. An interesting thing about "Game of Chicken" is that large upfront costs can actually be an advantage because they demonstrate your commitment! If people are spending half a million dollars on FPGA Bitcoin miners, then their competitors had better believe they're really going to keep running them, even if competition drives down profitability.

See, to deploy 10 GH/s of Bitcoin hash power using FPGA would require you to purchase about $10,000 worth of hardware which has no resell value except to other Bitcoin miners. To deploy 10 GH/s using GPU would require an outlay on about $5000 of hardware, which you could later resell for gaming (or whatever other uses GPUs have nowadays -- CAD/CAM?). To deploy 10 GH/s using a Botnet requires an unknown-to-me outlay of time, money, skill, or risk of personal harm, but at least the marginal cost of adding another few MH/s seems much lower than in the hardware-based approach. Our Botnet herder on reddit said he could buy access to Asian PCs with good GPUs for $15 for 1000 PCs. If that's true then it should cost a piddling $180 to set up a new network as big as his current 10 GH/s network.

However, if he is considering doing something else with his time and money, then the fact that people have convincingly committed to large-scale FGPA mining may deter him, because no matter how well he does at competing with them, they've already paid a sunk cost, and their marginal cost for electricity is low, so they won't quit. (Unless competition swells to such a level that it drives revenue below their cost of electricity, which seems like a distant prospect at this point.) Thus they might win at the Game of Chicken and persuade him to spend his time and money on different projects (such stealing more credit cards or doing a better job on his homework).

(There are also several organizations who are loudly proclaiming that they're developing custom ASIC chips for Bitcoin mining. I haven't yet seen hard evidence of any of them having really spent substantial money on it or having demonstrable progress on the engineering and manufacturing.)


last word

I'm delighted to see such vigorous and varied competition for contributing to the distributed, planet-wide transaction-confirmation service. I especially like the "sunk-cost" people such as the FPGA miners with their low electricity requirements, because they seem likely to be long-term, always-on contributors.


¹ http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/

² http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/c4mu8oj

³ https://lafsgateway.zooko.com/file/URI:CHK:sdk72a5zmncihhmhdsremrglem:ez25wwqy3lkpefd7e4tujr2tc5mhezmguql7vensxysl2yhkqefa:1:1:516308//named=/yxMDx.jpg

⁴ http://blockorigin.pfoe.be/chart.php

⁵ http://bitcoin.sipa.be

⁶ http://blog.damballa.com/?p=330

⁷ https://en.bitcoin.it/wiki/Mining_Hardware_Comparison

⁸ http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/c4g7w9v

⁹ http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/c4g2tpa

¹⁰ http://www.reddit.com/r/IAmA/comments/sq7cy/iama_a_malware_coder_and_botnet_operator_ama/c4g235t

¹¹ http://bitcoinx.com/charts/chart_large_lin_30d.png

¹² http://bitcoinx.com/charts/

¹³ http://www.bitcoinminer.com/post/22769728108/commercial-mining-farms

¹⁴ https://plus.google.com/108313527900507320366/posts/2ztAhLnXQK

IAmA a malware coder and botnet operator, AMA : IAmA
I operate a ~10k botnet using a ZeuS software I modified myself, including IRC, DDoS and bitcoin mining (13GH/s - 20GH/s atm). Everything operating tr...

Syndicated 2012-05-11 20:08:13 from Plus Public Activity Feed for David Barksdale

Well I'm not getting any more work done today.

Well I'm not getting any more work done today.

Recursive Drawing
Recursive Drawing is an exploration of user interface ideas towards the development of a spatially-oriented programming environment. Start Drawing!

Syndicated 2012-05-10 16:08:06 from Plus Public Activity Feed for David Barksdale

You've never seen tubgirl? You're one of today's lucky 10,000!

You've never seen tubgirl? You're one of today's lucky 10,000!

xkcd: Ten Thousand
XKCD updates every Monday, Wednesday, and Friday. You can get prints, posters, and t-shirts in the store. Ten Thousand. |< · < Prev · Random; Next >; >|. Ten Thousand. |< · < Prev · ...

Syndicated 2012-05-09 16:28:34 from Plus Public Activity Feed for David Barksdale

Now I just need to figure out how to get RED on my "router."

Now I just need to figure out how to get RED on my "router."

apenwarr - Business is Programming
TCP doesn't suck, and all the proposed bufferbloat fixes are identical. Background: a not very clear article in ACM Queue led to a post by Bram Cohen claiming TCP sucks. The first article is long ...

Syndicated 2012-05-09 15:12:51 from Plus Public Activity Feed for David Barksdale

Great, now I have a new song to memorize. "Every Major's Terrible" Philosophy's just math sans ri...

Great, now I have a new song to memorize.

"Every Major's Terrible"
Philosophy's just math sans rigor, sense, and practicality
and math's just physics unconstrained by precepts of reality.
A business major's just a thing you get so you can graduate
and chemistry's for stamp collectors high on methylacetate.
Why anyone who wants a job would study lit's a mystery
unless their only other choice were something like art history.
A BA in communications guarantees that you'll achieve
a little less than if you'd learned to underwater basket-weave.

I'd rather eat a Fowler's toad than major in biology,
and social psych is worse than either psych or sociology.
The thought of picking any one of these is too unbearable.
Just put me down as "undecided"--every major's terrible.

Now, if you can't prognosticate, that's OK in seismology,
but if your hindsight's weak as well, you'd best stick to theology.
CS will make each day a question to find a missing close-paren.
Virology will guarantee you'll never get a hug again.
I.T. prepares you for a life of fighting with PCs nonstop.
As Pratchett said, "geography's just physics slowed with trees on top."
Though physics seems to promise you a Richard Feynman-like career,
the wiki page for "Physics Major" redirects to "Engineer."

They say to study history or find yourself repeating it,
but all that it prepares you for is forty years of teaching it.
I recognize my four-year plan's at this point not repairable,
but put me down as "undecided"--every major's terrible.

Astronomers all cringe when they hear "supermoon" or "zodiac."
Agronomy's a no-go; I'm a huge agorophobiac.
I'm too ophiophobic to consider herpetology,
and I can't stomach any part of gastroenterology.
While pre-med gives you twitchy-eyed obsession with your GPA,
a poetry degree bespeaks bewildering naïveté.
TV's behing the rush into forensic criminology
(or so claims meta-academic epidemiology).

By dubbing econ "dismal science" adherents exaggerate;
the "dismal"'s fine--it's "science" where they patently prevaricate.
In terms of choices, I'd say only Sophie's was comparable.
Just put me down as "undecided"-- every major's terrible!

xkcd: Every Major's Terrible
XKCD updates every Monday, Wednesday, and Friday. You can get prints, posters, and t-shirts in the store. Every Major's Terrible. |< · < Prev · Random; Next >; >|. Every Major's Te...

Syndicated 2012-05-07 14:55:20 from Plus Public Activity Feed for David Barksdale

Give it some thought, this isn't that bad of an idea.

Give it some thought, this isn't that bad of an idea.

Android Ported to C# – Xamarin
Oracle and Google are currently in a $1 billion wrestling match over Google's use of Java in Android. But Java is not the only way to build native apps on Android. In fact, it's not even the b...

Syndicated 2012-05-02 14:02:30 from Plus Public Activity Feed for David Barksdale

Near-Perfect Particle Measurement Achieved

Near-Perfect Particle Measurement Achieved
According to the laws of quantum mechanics, scientists cannot observe the smallest particles without changing them.

Syndicated 2012-04-30 20:38:42 from Plus Public Activity Feed for David Barksdale

Reshared post from Rob Pike People objected that there was no Exit item on the main menu for t...

People objected that there was no Exit item on the main menu for the mpx program that put windows on the Blit; see http://en.wikipedia.org/wiki/Blit_(computer_terminal) (which mistakenly says it implemented cursor addressing when turned on - as if!) and http://www.cs.bell-labs.com/cm/cs/doc/83/mpx.ps.gz. It seemed unnecessary, since you could just power cycle. Why clutter the menu? (Those were simpler times.)

After hearing too much complaining, I decided to implement Exit, but did it a special way. Late one night, with help from Brian Redman (ber) and Pat Parseghian (pep), I cranked out a set of trivia questions to drive the Exit control. Answer the question right, you can exit; get it wrong, you're stuck in mpx for a little longer. To make this worthwhile, the questions had to be numerous and hard, and had to be verified by the machine, so the quiz code included a little pattern matcher. It also had to be tiny, since the machine only had 256KB and the display took 100KB of that. (Those were simpler times.)

The response was gratifying. I'll never forget seeing someone, who shall remain nameless, a vociferous complainer about the lack of Exit, burble with excitement when he saw the menu item appear, only to crumble in despair when the question arrived. I forget which question it was, but it doesn't matter: they're all hard.

The questions were extended by lots of suggestions from others in the Unix lab, and then in 1984 they were handed out as a bloc in a trivia contest at the USENIX conference in Salt Lake City. To quote an observer, "The submission with the most correct answers (60) was from a team comprising David Tilbrook, Sam Leffler, and presuambly others. Jim McKie had the best score for an individual (57) and was awarded an authenticated 1972 DECtape containing Unix Version 2. Finally, Ron Gomes had 56 correct answers and received an original engraved "Bill Joy" badge, which once belonged to Bill himself, from Sun Microsystems." That score of 57 was so impressive we hired Jim a little later, but that's another story.

How much Unix trivia do you know? Test your mettle; the questions appear below. This may be one of the hardest quizzes ever to originate outside of King William's College.

I've disabled comments because people will just send in spoilers. If you want to discuss or collaborate, do so elsewhere. I'll publish the computer-readable, pattern-matching answers here in a few days.

Good luck, and may your TU-10 never break your 9-track boot tape.

-rob


1. The source code motel: your source code checks in, but it never checks out. What is it?
2. Who wrote the first Unix screen editor?
3. Using TSO is like kicking a {what?} down the beach.
4. What is the filename created by the original dsw(1)?
5. Which edition of Unix first had pipes?
6. What is =O=?
7. Which Stephen R. Bourne wrote the shell?
8. Adam Buchsbaum's original login was sjb. Who is sjb?
9. What was the original processor in the Teletype DMD-5620?
10. What was the telephone extension of the author of mpx(2)?
11. Which machine resulted in the naming of the "NUXI problem"?
12. What customs threat is dangerous only when dropped from an airplane?
13. Who wrote the Bourne Shell?
14. What operator in the Mashey shell was replaced by "here documents"?
15. What names appear on the title page of the 3.0 manual?
16. Sort the following into chronological order: 1) PWB 1.2, b) V7, c) Whirlwind, e) System V, f) 4.2BSD, g) MERT.
17. The CRAY-2 will be so fast it {what?} in 6 seconds.
18. How many lights are there on the front panel of the original 11/70?
19. What does FUBAR mean?
20. What does "joff" stand for?
21. What is "Blit" an acronym of?
22. Who was rabbit!bimmler?
23. Into how many pieces did Ken Thompson's deer disintegrate?
24. What name is most common at USENIX conferences?
25. What is the US patent number for the setuid bit?
26. What is the patent number that appears in Unix documentation?
27. Who satisfied the patent office of the viability of the setuid bit patent?
28. How many Unix systems existed when the Second Edition manual was printed?
29. Which Bell Labs location is HL?
30. Who mailed out the Sixth Edition tapes?
31. Which University stole Unix by phone?
32. Who received the first rubber chicken award?
33. Name a feature of C not in Kernighan and Ritchie.
34. What company did cbosg!ccf work for?
35. What does Bnews do?
36. Who said "Sex, Drugs, and Unix?"
37. What law firm distributed Empire?
38. What computer was requested by Ken Thompson, but refused by management?
39. Who is the most obsessed private pilot in USENIX?
40. What operating system runs on the 3B-20D?
41. Who wrote find(1)?
42. In what year did Bell Labs organization charts become proprietary?
43. What is the Unix epoch in Cleveland?
44. What language preceded C?
45. What language preceded B?
46. What letter is mispunched by bcd(6)?
47. What terminal does the Blit emulate?
48. What does "trb" stand for (it's Andy Tannenbaum's login)?
49. allegra!honey is no what?
50. What is the one-line description in vs.c?
51. What is the TU10 tape boot for the PDP-11/70 starting at location 100000 octal?
52. What company owns the trademark on Writer's Workbench Software?
53. Who designed Belle?
54. Who coined the name "Unix"?
55. What manual page mentioned Urdu?
56. What politician is mentioned in the Unix documentation?
57. What program was compat(1) written to support?
58. Who is "mctesq"?
59. What was "ubl"?
60. Who bought the first commercial Unix license?
61. Who bought the first Unix license?
62. Who signed the Sixth Edition licenses?
63. What color is the front console on the PDP-11/45 (exactly)?
64. How many different meanings does Unix assign to '.'?
65. Who said "Smooth rotation butters no parsnips?"
66. What was the original name for cd(1)?
67. Which was the first edition of the manual to be typeset?
68. Which was the first edition of Unix to have standard error/diagnostic output?
69. Who ran the first Unix Support Group?
70. Whose Ph.D. thesis concerned Unix paging?
71. Who (other than the obvious) designed the original Unix file system?
72. Who wrote the PWB shell?
73. Who invented uucp?
74. Who thought of PWB?
75. What does grep stand for?
76. What hardware device does "dsw" refer to?
77. What was the old name of the "/sys" directory?
78. What was the old name of the "/dev" directory?
79. Who has written many random number generators, but never one that worked?
80. Where was the first Unix system outside 127?
81. What was the first Unix network?
82. What was the original syntax for ls -l | pr -h?
83. Why is there a comment in the shell source /* Must not be a register variable */?
84. What is it you're not expected to understand?

Blit (computer terminal) - Wikipedia, the free encyclopedia
In computing, the Blit was a programmable bitmap graphics terminal designed by Rob Pike and Bart Locanthi Jr. of Bell Labs in 1982. When initially switched on, the Blit looked like an ordinary textual...

Syndicated 2012-04-30 18:21:14 from Plus Public Activity Feed for David Barksdale