You are viewing a single comment's thread from:
RE: Denial of Service Vulnerability Fix
Looks like you, @netuouso, are the hero of the day. :) Kudos for actually being on the lookout for something wrong, finding the vulnerability and working to fix it. A perfect trifecta of work and effort.
Now, for those of us who can appreciate this, but aren't certain just what it all may have meant for the pending transaction queue had it been attacked, is there anything you can explain about it that would help me to better understand what you all fixed without making any disclosures that shouldn't be disclosed? If not, that's okay. I'm still thankful for all you did. :)
A Denial Of Service (DOS) attack is where someone does something to keep the servers busy doing unnecessary work to slow the system down and prevent others from being able to access the service of the server. It would seem that there was a way to cause the transaction que to loop or do some other work that would keep it busy for a lengthy period of time and this was now fixed to prevent such an attack.
Hey, @happyme.
Thanks for the reply.
Right, so just what could have been exploited by slowing down the transaction queue and keeping it busy? Would a DOS attack allow something else to occur, like getting to what was in the transaction queue? I guess I'm trying to understand the magnitude.
Generally, a DOS attack is simply so that the server is useless and nobody can use it. It is not a security risk on its own.
Okay. Thank you. That's what I was wondering, so I appreciate that.
Not sure if you're into token collecting, but for answering my questions, I'm going to send some of these your way. Hopefully it works. :)
!ENGAGE 100
Well, I'll be darned... I already had 150 tokens in the wallet that I didn't even know about! I'm now having all sorts of crazy ideas floating around in my head about the uses for Steem-engine. Thanks again for the tokens and the link to the website!
No problem. Maybe @abh12345 sent the others your way? Always nice to find out you have more than you thought you did. :)
As far as the crazy ideas, go for it. Crazy ideas have a way of becoming the next big thing. :)
Yes, the other coins were from abh12345. I seem to recall some mention of his coins, but there was no link like I just saw from yours. Probably he used a direct transfer method from within the site.
I've been working on an idea, but this Steem-engine would be great for non-coders like me. I'll definitely be looking deeper into it when I have my idea fully fleshed out.
Sweet! Thank-you! My first engagement tokens.
Here are your
ENGAGEtokens!To view or trade
ENGAGEgo to steem-engine.com.oh yeah @netuoso is great at breaking STEEM with no mention by the elite in control then they seem to make a false vulnerability to give another of steemit incs stooges a leg up
https://steemit.com/steem/@naturicia/nijeah-who-broke-the-blockchain