Comments (6)
Disclosing a server's operating system makes it an easier attack target and should certainly not be done by default.
Setting aside security-related objections, the core mechanism you've proposed seems flawed:
We need to understand what platforms are more popular, so that we are able to encourage users to switch platforms.
How would this encouragement work? Presumably there's a motivation behind the popularity of certain platforms. Do you really expect users to run a totally different OS in the name of "platform diversity for Monero"? Assuming an initial imbalance large enough to justify the initiative, you'd need a large number of users to switch.
from monero.
Maybe having this by default is not a good idea. But having an optional flag would really help gather some statistics.
About how we will make users switch. I mean people are already running nodes, using p2pool etc. All of that to further decentralize the network. This is the same thing. For most experienced Linux users (most node runners) switching to something like OpenBSD shouldn't be too hard.
from monero.
ask a privacy conscious user if they wish to opt-in to having usage statistics collected. how do you want people to know about it? show a popup? not a good look. this was discussed today #9031 (comment)
from monero.
The threat model here also makes no sense: Imagine someone has a zero day and decides its worthwhile to use it on a Monero attack. Assuming people actually respond to the network composition data, that actor could simply start faking the data to drive the composition towards the vulnerable OS.
from monero.
If someone has the resources to spin up a lot of nodes I don't think that's the first thing they'll try.
from monero.
If someone has the resources to spin up a lot of nodes
Not a requirement to influence sampling of get_info. For example, proxying would work, as might an approach specifically targeting the sampling methodology. Your proposal effectively tries to wish away Sybil attacks.
from monero.
Related Issues (20)
- [Discussion] Blockers towards including Rust into monero codebase HOT 4
- Support getting unconfirmed transfers from monero-wallet-rpc without fetching from pool
- Support updating the pool state in monero-wallet-rpc `refresh`
- Immediate Crash on Launch with Qt Quick Errors and OpenGL Context Failure in monero-wallet-gui HOT 1
- Hide the sending address and prompt that destinations do not exist HOT 5
- Build failure with Boost 1.85.0 HOT 4
- The Monero core software wallet API will (probably) switch from 'wallet2.h' to 'wallet2_api.h'
- Remove refresh from call from import_multisig HOT 3
- Daemon recurring error message HOT 9
- Daemon crashed last night with only a warning HOT 18
- A lot of 150/2 transactions in the txpool causes memory spike / OOM HOT 34
- aggregating multisig partial signatures HOT 8
- Cannot connect wallet client to daemon HOT 9
- About Artificial Intelligence and digital currencies(Feature) HOT 1
- Build unsigned transaction does not return "tx_blob" and "unsigned_txset" HOT 3
- build NOTFOUND Z alpine, what's missing? HOT 1
- Wallet corruption while storing
- Offline wallet is considered as "Hot" HOT 6
- [Proposal] Change how transactions are broadcasted to significantly reduce P2P bandwidth usage HOT 33
- daemon can send duplicate transactions, causing disconnects
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from monero.