This post will be a high-level overview of how to easily block traffic coming from SubstratumNode v0.4.1. Since this version of SubstratumNode is still technically in beta, I won’t be going into detail about how to reproduce each step. However, if you have a basic understanding of the Unix command line, spinning up a VPS, and firewalls, you’ll be able to identify, log, and block SubstratumNode IP addresses as well.
If you’re part of the pump and dump groups… Raise your hand if you’ve been part of one! I’m raising my hand… I’ve been part of one.
This is seriously one of the funniest things I have ever watched, and I’m not sure how I missed this. In this video, Substratum CEO Justin Tabb admits he used to be part of a pump and dump group in front of a live audience. This is honestly what I love about crypto. The contrast between some of the most brilliant minds in the world with CEOs who discuss their past lives as pump and dumpers makes for such a beautiful shitshow. I don’t mean this in a bad way at all. Crypto is an emerging industry, and it’s truly fascinating to watch it mature. Can you imagine what would happen if Tim Cook went on stage at WWDC and told the audience he used to pump and dump stocks?
We went to Zōjō-ji to check out the New Year festivities last night. I love the architectural mix of old and new.
Earlier today, I came across this Reddit thread about the price of SUB pumping 15% in the days leading up to the scheduled EOY2018 release of SubstratumNode V1. I did not find this initial price increase to be suspicious because “buy the rumor, sell the news” is a very well documented behavior in capital markets. What I did find suspicious was the subsequent downtrend that started around 7 PM (UTC) on December 30, 2018. Here’s a chart showing the price action of SUB/BTC on Binance along with a few observations.
When you go and connect to a VPN server, you’re connecting to vpn.myvpn.net or whatever it is, and that’s a single point of failure most of the time. So China’s able to very easily pull down from what we’ve heard from Chinese citizens that are inside of China uh new VPNs as they pop up. The difference with Substratum is that it’s myriad points, right? So if you knocked down one point even if you could, which you know it’s being built that you can’t. But even if you could knock down that one point, you know because of the self-healing that’s rolling out right now, it finds another one automatically. You don’t have to restart the product, you don’t have to change any settings. The idea is that it just continues to work. It does all the hard work for you. And so I’m very excited where we are headed in 2019.
I think Substratum’s “self-healing” property will ultimately be the cause of its downfall. It’s obvious that a node on the Substratum network will always know the IP address of the next-hop node. Since this is the case, a quick inspection of SubstratumNode’s command line interface (CLI) will reveal the IP address of another node on the network. If that IP address is locally blocked, the node software should then begin the process of “self-healing” and look for another node on the network. Rinse and repeat this process, and you’ll soon have a list of the IP addresses of nodes on the Substratum network.
Now that I think about it more, it doesn’t even have to be so complicated. Another way to harvest IPs would be to set up a basic VPS with NGINX or Apache and upload a simple web page. Next, just browse to the VPS’ IPs through the Substratum network and block the exit node IPs that hit the VPS. If Substratum’s self-healing feature works as advertised, the node software should continuously rotate exit nodes, which makes it extremely easy to compile a full list of IPs to block. This flaw could potentially be very dangerous for Chinese citizens due to the government’s control over telecom companies. With a list of IPs, the Chinese government could potentially identify individuals who are using SubstratumNode. I hate censorship, but SubstratumNode doesn’t seem to be the answer.
Self-healing or self-destruction?