[rc5] Bunda?

Rik Ling rling at pipcom.com
Thu Oct 2 22:17:02 EDT 1997

> From: Skip Huffman <SHuffman at Atl.Carreker.Com>
> To: rc5 at llamas.net
> Subject: Re: [rc5] Bunda?
> Date: Thursday, October 02, 1997 11:36 AM
> On Thu, 2 Oct 1997 10:56:55 -0400, Rik Ling wrote:
> >Exactly!  Don't actually check the blocks right away, just make sure
> >we (Bovine) think that the blocks have been checked--that way they never
> >get recycled.  Then go ahead and check them yourself at your leisure. 
> >one of them is THE BLOCK, then bingo.  you win the $10,000 and Bovine
> >nothing.  Sneaky, yes?
> Yes, but if you check out those blocks, then immediatly check them back
in as "nope, nothing here" then you don't have to worry about those blocks
being declared "tardy" and reassigned. (Yes, I know the Bovine effort
currently does not do this.)
> Even sneakyer, no?
I think we're trying to say exactly the same thing two different ways, as
you appear to have restated in the second paragraph what I was trying (in
my admittedly obtuse way) to say in the first one.  What I was ultimately
trying to say is that a sneaky third party could "steal" a large number of
blocks from the Bovine effort, ON THE ASSUMPTION that one of the stolen
blocks is THE BLOCK.  This third monkey--er, third party, I mean-could then
check the stolen blocks themselves, with no intention of reporting the
results back to Bovine.  If they DO find THE BLOCK, then they go straight
to RSA and claim the $10,000.

Which brings to mind the terrible question:  Do We Have Any Way Of Knowing
For Sure That We Have Not Had Blocks Stolen Previously?

If I were going to hack Bovine like this, I would write a few dozen of my
own bogus clients, each reporting under a different email addy, and set
them to request/report just enough blocks to put them in the top 1000 teams
area, but below the top 100. That way I wouldn't draw too much attention to
myself, but would be able to request a respectable percentage of the
keyspace over time.

Perhaps I'm being paranoid, but maybe someone should check to see if there
are an unusual amount of blocks being reported under different email
addresses, but all coming from the same IP addy, or even the same subnet. 
What does everyone else think?


Rik Ling
Network Administrator
Peterborough Internet Pipeline
email to admin at pipcom.com or rling at pipcom.com
It's a mad, mad world.  Only the fully sane are truly crazy.
Distributed.Net : Online Pirhanas of the Internet
Come run with the pack --> http://rc5.distributed.net

To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.

More information about the rc5 mailing list