📅 Original date posted:2016-08-31
📝 Original message:>
> >I've always assumed honeypots were meant to look like regular, yet
> >poorly-secured, assets.
>
> Not at all. Most servers have zero reason to have any Bitcoin's accessible
> via them, so the presence of BTC privkeys is a gigantic red flag that they
> are part of a honeypot.
>
I was talking about the traditional concept. From Wikipedia: "Generally, a
honeypot consists of data (for example, in a network site) that appears to
be a legitimate part of the site but is actually isolated and monitored,
and that seems to contain information or a resource of value to attackers,
which are then blocked."
I would argue there are ways to make it look like it is not a honeypot
(plenty of bitcoin services have had their hot wallets hacked before, and
if the intruder only gains access to one server they wouldn't know that all
the servers have the same honeypot on them). But I was just confirming that
the proposal is for an obvious honeypot.
> Re-read my last section on the "scorched earth" disincentive to
> doublespend the intruder.
>
> The first time I read it I didn't realize that the second transaction the
intruder has is designed to waste the honeypot AND additional funds
belonging to the honeypot creator. That's pretty good, from a game theory
perspective.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160831/fe3096c6/attachment.html>;
James MacWhyte [ARCHIVE] /
npub12t…pye9h
2023-06-07 19:53:10
in reply to nevent1q…n572
Author Public Key
npub12tjaqer27049ejmvf0f3yd7kq6p93gg6ecavgrczge4rlzf59y5q2pye9hSeen on
wss://relay.noswhere.comPublished at
2023-06-07 19:53:10Event JSON
{
"id": "83d59c8d004d9fb4d6f2dfdf7aca19ee91f21f07bc76c938e7b68bde27e24446",
"pubkey": "52e5d0646af3ea5ccb6c4bd31237d6068258a11ace3ac40f02466a3f89342928",
"created_at": 1686160390,
"kind": 1,
"tags": [
[
"e",
"a20afac7ea0a5c51cb16d367c8c956d81c0793daf776d5b4fced12052517c6d2",
"",
"root"
],
[
"e",
"8f57f32699f8c9e52fc076146cb64093f349ce057b92a86f46c0dbdd3a8e8af2",
"",
"reply"
],
[
"p",
"daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa"
]
],
"content": "📅 Original date posted:2016-08-31\n📝 Original message:\u003e\n\u003e \u003eI've always assumed honeypots were meant to look like regular, yet\n\u003e \u003epoorly-secured, assets.\n\u003e\n\u003e Not at all. Most servers have zero reason to have any Bitcoin's accessible\n\u003e via them, so the presence of BTC privkeys is a gigantic red flag that they\n\u003e are part of a honeypot.\n\u003e\n\nI was talking about the traditional concept. From Wikipedia: \"Generally, a\nhoneypot consists of data (for example, in a network site) that appears to\nbe a legitimate part of the site but is actually isolated and monitored,\nand that seems to contain information or a resource of value to attackers,\nwhich are then blocked.\"\n\nI would argue there are ways to make it look like it is not a honeypot\n(plenty of bitcoin services have had their hot wallets hacked before, and\nif the intruder only gains access to one server they wouldn't know that all\nthe servers have the same honeypot on them). But I was just confirming that\nthe proposal is for an obvious honeypot.\n\n\n\u003e Re-read my last section on the \"scorched earth\" disincentive to\n\u003e doublespend the intruder.\n\u003e\n\u003e The first time I read it I didn't realize that the second transaction the\nintruder has is designed to waste the honeypot AND additional funds\nbelonging to the honeypot creator. That's pretty good, from a game theory\nperspective.\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20160831/fe3096c6/attachment.html\u003e",
"sig": "bb15cbfaf4f131ff5eb5c7a71da13cee1e66f88074bcc9506f08e326f4683478627a2603527150f25ac1943d34fbd231ad3bc87df7b0282d56edf1f4ef3291e4"
}