-
nikg83[m]
Are we ok with only botnets securing the network ?
-
merope
Look at it this way: do you really want your new financial system to be controlled by skiddies and thieves?
-
nikg83[m]
Also they are threat to decentralisation, a few groups could be controlling major hashrate
-
nikg83[m]
We need to increase ram requirements and get legit miners back, they can’t mine with freeloaders
-
nikg83[m]
s/with/besides/
-
nikg83[m]
Increasing ram isn’t going to kill these botnets entirely, but will make them less effective as number of target devices reduces
-
nikg83[m]
And legit miners just need to add more ram
-
nikg83[m]
Don’t argue about phone miners or a decade old cpu miner, their hashrate is so less that they better sell their hw and buy xmr
-
merope
I actually agree on that point, mining on phones is pretty much pointless
-
merope
As for increasing RAM, 4GB would probably be a reasonable amount. But I can't recall the original reasoning behind 2GB
-
nikg83[m]
8gb should be the case, even most 10yr old hw had 4gb ram and these are mostly the one with old unpatched sw that mine for botnets
-
merope
Gotta leave some room for the OS, and possibly p2pool
-
merope
A lot of people still have 8GB
-
nikg83[m]
6gb ram requirement then
-
merope
Not enough
-
merope
hence 4
-
nikg83[m]
2gb not enough for os ?
-
merope
Lightweight linux maybe, but with p2pool in the background (even with --no-randomx) you're already cutting it close
-
merope
And definitely not enough for windows
-
nikg83[m]
Anyone knows of stats of % by ram on systems worldwide or a big sample
-
merope
There's the steam hardware survey, iirc
-
merope
But I don't have a link
-
nikg83[m]
-
merope
(I'm off for the night - be back tomorrow)
-
-
nikg83[m]
8gb is common it seems
-
nioc
windows and 30 tabs open in chrome = 12gb
-
nikg83[m]
<nioc> "windows and 30 tabs open in..." <- Add that 8gb ram, it’s not expensive
-
nioc
no slots to add to
-
nioc
it's useless to mine on this one
-
nioc
unless it is by a botnet :D
-
nikg83[m]
nioc: Replace it
-
nioc
even without botnets there are enough people that will mine with free or cheaper elec than me such that it will not be profitable
-
nikg83[m]
nioc: And you will not notice 8gb ram consumed ?
-
nikg83[m]
nioc: Yes reason is botnet
-
nikg83[m]
No legit miner to support price
-
nioc
even without botnets I will not be profitable because of my elec cost compared to others
-
nikg83[m]
nioc: It’s not profitable currently due to price + botnet hashrate
-
nikg83[m]
Was profitable to mine before asic rug pull
-
nioc
if everyone had the same elec cost and same miner efficiency then profit would trend to breakeven
-
nikg83[m]
nioc: Legit miners keep prices afloat to keep mining, look at grin even that is profitable 😂
-
nikg83[m]
Prices going down = adoption only as a washing machine
-
nikg83[m]
Nobody holds, accepts n dumps for other shitcoins
-
nikg83[m]
Just see xmrbtc chart after anti asic
-
nikg83[m]
And you will understand
-
nikg83[m]
Won’t be surprised if we go 0.001 on xmrbtc if things continue like this
-
nioc
may I suggest that there is more than one variable
-
nikg83[m]
And only botnets will secure
-
nikg83[m]
nioc: Yah ?
-
nioc
I can talk price but not here
-
nikg83[m]
nioc: Ok, how to secure the network other than replying on few players
-
nikg83[m]
At the same time be vulnerable to attacks
-
nikg83[m]
<nioc> "I can talk price but not here" <- Any place you even talk about price? we can discuss there
-
nikg83[m]
s/replying/relying/
-
merope
<nikg83[m]> "8gb is common it seems..." <- Right, but look at the low end: just by requiring a minimum of 4GB (2GB for the miner + 2GB for the OS), you are excluding ~25% of all devices (all those with less than 4GB of ram)
-
merope
That's a lot of excluded devices)
-
merope
* That's a lot of excluded devices
-
merope
Requiring 8GB in total would exclude 63.59% of all the computers
-
merope
Even though most of those would be very old devices, that's still way too much
-
sech1
hyc so all that buzz about efficient randomx gpu implementation was just some coin fork with modified randomx:
bitcointalk.org/index.php?topic=5402672.msg60527811#msg60527811
-
sech1
how turns have tabled
-
nikg83[m]
<merope> "Right, but look at the low end..." <- Excluding devices which can be used by botnets, if someone wants to mine they can just buy that extra ram which doesn’t cost much
-
merope
Many botnets attack high-end servers, which have far more ram than that. You'd actually be cutting off domestic miners for the most part - especially those mining on slightly older, pre-owned hardware
-
sech1
more importantly, low-end device botnets don't have that much hashrate
-
sech1
most botnet hashrate comes from hacked servers and cloud mining accounts
-
sech1
which have a lot of RAM
-
pauliouk
one thing I did query a while back was the number of IoT devices out there which yup have a fraction of the memory and CPU required to mine effectively, but there's freakin' millions of them out there with default/no credentials. Even if you only get 30h/s from one, if you've got 1,000,000 active thats 30Mh/s.
-
nikg83[m]
<merope> "Many botnets attack high-end..." <- High end servers are managed and are taken down quickly, while these home pc botnets long much longer
-
nikg83[m]
> <@endor00:matrix.org> Many botnets attack high-end servers, which have far more ram than that. You'd actually be cutting off domestic miners for the most part - especially those mining on slightly older, pre-owned hardware
-
nikg83[m]
* High end servers are managed and are taken down quickly, while these home pc botnets long much longer
-
nikg83[m]
Preowned hardware just needs addition of ram, 8gb sticks are not expensive
-
sech1
"High end servers are managed and are taken down quickly" oh how young and naive
-
merope
lol
-
nikg83[m]
sech1: High end servers > low end pcs in world ?
-
sech1
by hashrate, yes
-
nikg83[m]
sech1: So you are saying majority of botnet is coming from high end servers ? Where are you getting these figures from
-
nikg83[m]
* of botnet hashrate is coming
-
merope
He did say that, just above
-
nikg83[m]
merope: He said high end servers have more hashrate
-
merope
<sech1> "most botnet hashrate comes..." <- ^
-
pauliouk
one decent server > 1000 store bought home machines (give or take)
-
nikg83[m]
pauliouk: Yes, so why are we allowing 1000 home machines to be target of botnets ?
-
sech1
I've seen many times miners with hundreds of MH/s come and go
-
merope
Well, maybe not 1000. But 5-100
-
sech1
and they last for weeks
-
sech1
"taken down quickly" lol
-
sech1
nikg83[m] these 1000 home machines will be botntes with or without RandomX
-
merope
nikg83[m]: Nobody is "allowing" them. They just exploit new vulnerabilities that are found in common software, until they get patched
-
sech1
they'll just go back to good old e-mail spamming and DDoSing
-
nikg83[m]
merope: Exploit is low ram usage
-
merope
wat
-
pauliouk
a well hidden rootkit could probably keep a server running until it was noticed
-
nikg83[m]
merope: If we needed high ram, they wouldn’t be a target
-
merope
The exploit is how you take control of the victim machine. What you do after you obtain control has nothing to do with it
-
pauliouk
nikg83[m], they'd definitely still be a target, just not for mining monero.
-
nikg83[m]
merope: I know, I am just saying too many low end devices on botnets
-
sech1
botnets are not Monero's problem
-
nikg83[m]
pauliouk: Does it matter to monero ? It matters only if these machines are not used to attack
-
merope
nikg83[m]: But like I said earlier: you would be cutting off too many "legitimate" devices too
-
sech1
they're the most decentralized and unkillable part of the network
-
nikg83[m]
* to attack monero hashrate
-
sech1
they contribute the most to decentralization
-
nikg83[m]
merope: How much does 8gb ram cost ?
-
merope
sech1: Except when they all point to minexmr
-
sech1
they can jump pools at the flip of a switch
-
pauliouk
well yeah, if they all drop their hashrates onto minexmr then there's a risk
-
sech1
I've seen it
-
nikg83[m]
sech1: No, a few ppl controlling botnets doesn’t mean it’s decentralised
-
sech1
a few? Rather a few thousand
-
merope
Right, but a lot of them still stick around minexmr unfortunately. Would be nice if they spread out more
-
nikg83[m]
sech1: A few thousand? 😂 just because there is a guide on YouTube on how to use cloud servers to mine doesn’t mean there are thousands doing it
-
sech1
this will go away naturally when price go up and more regular people start mining
-
pauliouk
One interesting thing might be to check the dates of public releases of exploits and the increased hashrates a few days later on various pools
-
pauliouk
nikg83[m], I still see Windows XP botnets active.
-
nikg83[m]
sech1: Price doesn’t go up when there is no investment from miners, anyways someone told this isn’t a place to talk about price
-
sech1
"investment from miners" lmao
-
sech1
price doesn't depend on miners, at all
-
pauliouk
price no, difficulty yes :)
-
nikg83[m]
pauliouk: Yes and these are old pcs and can be excluded with ram requirement increase
-
sech1
if we don't count miners selling what they mined
-
nioc
price does not come from miners, crypto 101
-
sech1
if anything, miners can only sell
-
nikg83[m]
sech1: It does, go and look xmrbtc someday with open mind
-
sech1
miners follow price, not the other way around
-
nioc
^^^^^^^^^^
-
merope
nikg83[m]: Miner investment follows profitability (and thus price), not the other way around:
moneroresearch.info/index.php?actio…SOURCEVIEW_CORE&id=73&browserTabID=
-
pauliouk
nikg83[m], 100,000 windows XP machines with 4gb of memory > 10 Epycs with 258GB memory. And a lot easier for some kid in his parent's basement to acquire
-
nikg83[m]
sech1: sech1: miners support price if they have invested in hardware
-
sech1
Windows XP is 32 bit, can't mine RandoMX
-
merope
nikg83[m]: Read the paper I linked
-
sech1
nikg83[m] what a load of nonsense
-
sech1
HOW do they support price?
-
nikg83[m]
pauliouk: 10 epyc = 100k investment
-
sech1
they mine to sell crypto and get fiat
-
sech1
why would they buy crypto to support price?
-
sech1
to sell it again later, at the same price?
-
sech1
at these point, they're traders, not miners
-
merope
nikg83 Would you invest 100k in a business, if you had no prospect of making a profit?
-
pauliouk
hmm, I've seen some 64bit winXP :) on poor spec systems, but heck, 100h/s is 100h/s :)
-
nikg83[m]
sech1: No, they mine to hold it and not for some small gain ; the miners you are talking about are botnets who would dump at any price
-
sech1
64-bit WinXP is an atrocity, let's not go that way :D
-
merope
"mine and hold" - and who pays the bills?
-
sech1
nikg83[m] miners who "invest" don't hold
-
nikg83[m]
merope: I wouldn’t because there are others doing it for free
-
sech1
they have operating expenses, and quite larges ones at that
-
pauliouk
oh its absolute atrocity, but sadly, exists :P
-
nikg83[m]
sech1: They hold for sometime, impossible to make roi if they keep dumping
-
nikg83[m]
Anyways emission is low now & we are just paying 50k/day to secure our network 😂
-
sech1
"botnets who would dump at any price" botnets have a freedom NOT to dump at any price
-
sech1
because free electricity and hardware
-
merope
(sidenote re: no price talk: this is not the place to speculate "number go up/down" and ta stuff; but the impact of the price on mining profitability and network security is extremely important, and is fine for discussion)
-
nikg83[m]
sech1: Huh ? Its very tiny compared to actual hardware cost
-
sech1
if you're a lone hacker somewhere in east asia, operating a botnet that brings you $10k/month, would you dump $10k/month or keep some?
-
nikg83[m]
merope: Price is just a incentive for miners
-
sech1
the cost of living is $100/month
-
merope
nikg83[m]: Which is the entire point of the block reward: incentive to keep the system secure
-
nikg83[m]
sech1: Lone hacker with 1/4th mining hashrate ?
-
nikg83[m]
And always depreciating value against btc? I would surely convert it to btc
-
sech1
"Moreover, the causality is always unidirectional going from the bitcoin price to the hashrate (or its proxies), with lags ranging from one week up to six weeks later."
-
pauliouk
hmm. An IP Camera, with 2gb of memory, running some tweaked xmrig derivative ELF binary, getting 30h/s. According to a masscan log of Canadian ISPs, there's around 750,000 of these devices and all vulnerable. So... with a bit of work, theres a fair few MH/s that you don't need to pay for.
-
sech1
checkmate
-
nikg83[m]
* with 1/4th global mining hashrate
-
sech1
$10k/month is 1/120th
-
sech1
less than 1%
-
nikg83[m]
sech1: Oops ya, i was thinking daily 😅
-
sech1
16 MH/s botnet earns $10k/month
-
merope
pauliouk: You need more than 2GB for xmrig alone to mine rx in fast mode
-
merope
Plus the OS and any other software
-
merope
Otherwise you're stuck in slow mode
-
gingeropolous
anyone got a link to one of these cameras? i'll buy one so we can mine on it
-
pauliouk
doesn't need to be efficient if you don't need to worry about costs :)
-
sech1
IP camera is probably a 32-bit ARM with no JIT compiler for RandomX
-
sech1
less than 1 h/s
-
gingeropolous
get some real numbers
-
merope
ah right, 32-bit too
-
nikg83[m]
sech1: Are we justifying botnets now ? we should just ask everyone to run one
-
nikg83[m]
When monero botnet kits ?
-
merope
rip
-
sech1
I'm not justifying botnets
-
sech1
I'm praising them
-
gingeropolous
monero is a botnet. just one you voluntarily participate in
-
nikg83[m]
sech1: Yah so when botnet kits ?
-
sech1
Leave botnets to antivirus companies
-
sech1
Not Monero's problem
-
nikg83[m]
sech1: Pcs that are infected have no antivirus
-
merope
(The ones that don't embed miners in their own software, anyway)
-
nikg83[m]
sech1: It is a monero problem, just wait for a state actor to run their botnet
-
merope
The point is that the botnet lives outside of Monero
-
merope
The fact that they choose to mine Monero is just an after-the-fact event
-
sech1
this ^
-
sech1
they'd infect every single PC they could in any case
-
merope
So it makes no sense for Monero to tackle the issue
-
sech1
if anything, Monero mining makes botnets more visible on the surface
-
sech1
so more attention from users and AV companies
-
sech1
so Monero pays, indirectly, for overall better PC security
-
nikg83[m]
It makes no sense to have legitimate miners, why even keep solo miner in gui ? Or monerod ? It’s causes such bad first impression when they can’t quarantined by antivirus
-
nikg83[m]
We can live on botnets, these solo or legitimate miners shouldn’t be cared for
-
sech1
if you're profit driven greedy miner, no sense
-
sech1
there are other reasons to mine
-
merope
The miner is inside monerod, and it stays there because it's the official/legacy solution. The core software must always be able to function independently, without any third-party requirements
-
nikg83[m]
sech1: I am not profit greedy, I can’t waste power when there is some script kiddy exploiting some pool chap in Vietnam
-
nikg83[m]
s/pool/poor/
-
sech1
you can't, someone else can
-
sech1
For example, someone else can live in Donetsk and pay $0.01/kWh
-
sech1
how would you get crypto in Donetsk where literally everyone banned you from traditional finance?
-
nikg83[m]
merope: Put a separate package, as nobody cares about legitimate miners anyway
-
merope
Now you're just not making any sense
-
nikg83[m]
sech1: Yah you give them red carpet to mine on botnets
-
sech1
"I don't care" = "Nobody cares", right
-
merope
Literally this entire discussion has been about the impact of botnets on legitimate miners
-
sech1
legitimate miners can find cheap electricity and still mine Monero with profit
-
sech1
It's just that most of Europe/USA have too expensive energy now
-
nikg83[m]
sech1: Nobody is going to invest when it’s not possible to have roi in a decade even with free power
-
sech1
I don't want "investor miners" here, ok?
-
sech1
Mine with hardware you already own
-
sech1
I don't want warehouses filled with GPUs
-
merope
people stop mining -> the fewer miners left have more money for themselves -> they make roi sooner
-
sech1
so that some govt shmuck can walk in and take them over
-
nikg83[m]
sech1: Yah you want some 10000 monero users to mine against 1000000 pc botnet
-
merope
it's a self-balancing system, where the balance point is determined by price/profitability
-
nikg83[m]
sech1: You need home investors, nobody in right mind is going to buy a latest amd to mine xmr
-
merope
but a lot of people do not like the idea of stopping mining because it's not profitable, so they keep mining at a loss, so they propagate the issue of lack of profitability
-
sech1
millions of people already bought latest amd
-
sech1
they can as well just start mining to get some $ back
-
nikg83[m]
sech1: And 0.0001% know about monero
-
nikg83[m]
And 0.001 might be on botnet
-
nikg83[m]
* And 0.001% might
-
sech1
so what?
-
sech1
botnets are not bad for Monero
-
nikg83[m]
sech1: Bro there are not enough monero users and let alone die hard monero fans who will mine for a few dollar A month
-
nikg83[m]
sech1: Yah explains it all
-
merope
nikg83[m]: Which means it's time for some people to stop mining
-
nikg83[m]
merope: Plenty of ppl have stopped
-
sech1
this whole discussion will quickly evaporate when price goes above $1000 and everyone and their dog will start mining with their home gaming PC
-
nikg83[m]
Replaced by botnets
-
nikg83[m]
sech1: That price is a dream isn’t going to happen for a decade
-
nikg83[m]
And by that time botnet hashrate will even make that ineffective to mine
-
sech1
I wouldn't be so sure
-
sech1
In fact, I wouldn't be even sure that $ lasts until 2030
-
nikg83[m]
sech1: I am confident now, seeing botnets are backbone
-
nikg83[m]
sech1: That would be nice
-
sech1
-
sech1
I don't see botnets taking over
-
nikg83[m]
sech1: Why would they push miners on more machines when they already dominate 😅
-
sech1
the thing is, botnets existed long before bitcoin and monero, and they're always on the hunt for unprotected PCs. They're maxed out
-
sech1
If prices goes up, network hashrate will go up thanks to new miners, not botnets
-
nikg83[m]
sech1: I don’t care about botnets, they are sleeping everywhere
-
nikg83[m]
I care about them mining monero
-
sech1
they're not sleeping, they're already mining with everything they have
-
nikg83[m]
sech1: That must be your botnet, my botnet is idle
-
nikg83[m]
🤣
-
sech1
you care more about them NOT mining monero
-
sech1
egalitarian PoW means everyone can mine and no one can be censored
-
sech1
so whether you like it or not, botnets can mine too
-
sech1
so you say "botnet evil, let's control it!"
-
sech1
no thanks
-
nikg83[m]
sech1: You are not censoring, you are raising bar for them
-
nikg83[m]
Why not just drop ram requirements to 256mb ? So iot devices can join in
-
sech1
next someone will say "people in Russia evil, let's ban them from mining!"
-
moneromooo
And Swedes.
-
nikg83[m]
sech1: Russia is better than west, anyways no political talk
-
sech1
this is a political talk, it's about ideology
-
sech1
you let everyone participate, whether you like them or not
-
sech1
botnet problem should be solved outside Monero
-
sech1
AV companies exist
-
nikg83[m]
sech1: Let’s get more bots, lower ram requirements for iot
-
sech1
governments exist, police should catch criminals operating botnets
-
sech1
leave Monero out of this
-
nikg83[m]
sech1: They are not leaving monero alone
-
sech1
Monero don't care
-
sech1
it was designed to be resistant
-
sech1
if governments can kill it, so be it
-
sech1
we'll design something better
-
nikg83[m]
sech1: I care about Monero hashrate & if they can attack
-
sech1
at current market cap, Monero is of no interest, so don't worry
-
sech1
at much higher market cap, hashrate will be so high no one can attack
-
nikg83[m]
sech1: So wait till they attack with gov botnets ? And then decide to fix it ?
-
nikg83[m]
sech1: They are worried, if it wasn’t the case it wouldn’t have been blocked on some exchanges
-
sech1
exchanges blocked it because their banking partners said so. Not governments.
-
sech1
"government" is not a single evil entity
-
pauliouk
I always figured the Governments told the banking partners to put pressure on the exchanges *shrug*
-
nikg83[m]
sech1: Japan ? Korea ? Aus ?
-
sech1
quite a few in the govt actually don't mind Monero existing
-
sech1
everyone needs private currency
-
pauliouk
I don't mind Binance being KYC - my monero goes no where near it :)
-
nikg83[m]
sech1: Yah they are will support xmr hashrate while other side attacks ?
-
sech1
increasing RAM to 4 or 8 GB won't save from government attacks
-
sech1
also, 51% attack is not a "finish blow" to any cryptocurrency
-
sech1
it comes and it goes, blockchain still keeps working
-
nikg83[m]
sech1: Doesn’t have to be gov, can be a group of hackers which can be hired by ztrash 😅
-
sech1
they already tried :D
-
nikg83[m]
sech1: Yah I got the memo too
-
nikg83[m]
Any good resources for monero botnets ? I would like to join the army
-
pauliouk
Monero botnets? nope. Botnets, you heard of google? :)
-
sech1
just install Windows 7 without updates and connect to the Internet
-
pauliouk
that'd do it :) keep an eye on any changes to your system (should take about 3 minutes)
-
hyc
lol. also have to turn off your local router firewalls
-
hyc
botnets are a PC industry problem. due to flaws in common OSs. not our responsibility.
-
hyc
(and possibly also due to security flaws in common applications. but still, not our fault.)
-
QuickBASIC
Also don't forget to open RDP on the default port.
-
nikg83[m]
<hyc> "botnets are a PC industry..." <- Nope it’s not a problem but a boon for monero
-
nikg83[m]
Would like to see a support desk for botnets from monero community someday 🙂