Any chance of a windows build of 0.5 with the patch?
+1
Topic: . - page 7. (Read 40299 times)
Any chance of a windows build of 0.5 with the patch?
+1
I don't need builds; please give me an URL for the source code of the version 0.4 patch. I'll give your code a quick security review (so hopefully it won't be too large) and then I'll compile my own client.
From the OP:
I'd prefer that approach, since I don't really trust arbitrary websites. It might secretly remember the private keys of the generated addresses and its operators might decide to cash out as soon as a certain amount of money is stored on addresses generated by them.
bitaddress.org is designed so that you can download the HTML/JS file(s) and run them on an offline machine. It's all done in Javascript client-side and nothing goes to the server. 
It's possible https://www.bitaddress.org could be useful for you to create separate accounts which you won't accidentally spend.
Thanks for the suggestion. Isn't it true that I can do the same with some Linux scripts? I think I've read something like that in another thread. I'd prefer that approach, since I don't really trust arbitrary websites. It might secretly remember the private keys of the generated addresses and its operators might decide to cash out as soon as a certain amount of money is stored on addresses generated by them.Anyway, I think this still requires a patch in my Bitcoin client, so that I can later import the private key.
Quote
I updated the code for 0.4 but never released builds since I didn't perceive any demand for them. The code is now updated for the 0.5 qt gui so once 0.5 is officially released I'll release builds with my patch as well.
I don't need builds; please give me an URL for the source code of the version 0.4 patch. I'll give your code a quick security review (so hopefully it won't be too large) and then I'll compile my own client.
TLDR: this patch allows you to:
- see all addresses, including change
- see which addresses are linked together (does recursive expansion of address linkages)
- select which address(es) to send from, rather than letting the client to chose for you
Very nice. I hadn't seen this before now.- see all addresses, including change
- see which addresses are linked together (does recursive expansion of address linkages)
- select which address(es) to send from, rather than letting the client to chose for you
why conflate the two issues?
Because to non-technical users, "privacy" is a single feature, not a series of separate technical issues.I updated the code for 0.4 but never released builds since I didn't perceive any demand for them. The code is now updated for the 0.5 qt gui so once 0.5 is officially released I'll release builds with my patch as well.
Awesome. I'll patch 0.5 when I start using it. I really need this patch! Is it available for version 0.4.0?
It doesn't seem to be in the standard client (0.4.0) yet. Why not? Sure, advertising it as an anonymity feature might give false expectations, but the same is true for the current client, since Bitcoin already has an anonymity reputation. This feature is not sufficient for complete anonymity, but it is a necessary (IMHO) component of a anonymous set-up, and as such it is a useful addition to the client. Sure, it adds complexity to the user interface (I haven't seen it yet), but this can easily be an 'optional' feature (and disabled by default), can't it?
Besides, I need it for a completely different reason: I want to manage several separated accounts, for an open source software development 'bounty' system (e.g., 'if you want to have this feature, send BTC to that address'). I want others to be able to see how much has been donated so far (or even how much they can receive if they implement the requested feature), so I don't want to accidentally spend bitcoins from the donation address.
It doesn't seem to be in the standard client (0.4.0) yet. Why not? Sure, advertising it as an anonymity feature might give false expectations, but the same is true for the current client, since Bitcoin already has an anonymity reputation. This feature is not sufficient for complete anonymity, but it is a necessary (IMHO) component of a anonymous set-up, and as such it is a useful addition to the client. Sure, it adds complexity to the user interface (I haven't seen it yet), but this can easily be an 'optional' feature (and disabled by default), can't it?
Besides, I need it for a completely different reason: I want to manage several separated accounts, for an open source software development 'bounty' system (e.g., 'if you want to have this feature, send BTC to that address'). I want others to be able to see how much has been donated so far (or even how much they can receive if they implement the requested feature), so I don't want to accidentally spend bitcoins from the donation address.
It's possible https://www.bitaddress.org could be useful for you to create separate accounts which you won't accidentally spend.
I really need this patch! Is it available for version 0.4.0?
It doesn't seem to be in the standard client (0.4.0) yet. Why not? Sure, advertising it as an anonymity feature might give false expectations, but the same is true for the current client, since Bitcoin already has an anonymity reputation. This feature is not sufficient for complete anonymity, but it is a necessary (IMHO) component of a anonymous set-up, and as such it is a useful addition to the client. Sure, it adds complexity to the user interface (I haven't seen it yet), but this can easily be an 'optional' feature (and disabled by default), can't it?
Besides, I need it for a completely different reason: I want to manage several separated accounts, for an open source software development 'bounty' system (e.g., 'if you want to have this feature, send BTC to that address'). I want others to be able to see how much has been donated so far (or even how much they can receive if they implement the requested feature), so I don't want to accidentally spend bitcoins from the donation address.
It doesn't seem to be in the standard client (0.4.0) yet. Why not? Sure, advertising it as an anonymity feature might give false expectations, but the same is true for the current client, since Bitcoin already has an anonymity reputation. This feature is not sufficient for complete anonymity, but it is a necessary (IMHO) component of a anonymous set-up, and as such it is a useful addition to the client. Sure, it adds complexity to the user interface (I haven't seen it yet), but this can easily be an 'optional' feature (and disabled by default), can't it?
Besides, I need it for a completely different reason: I want to manage several separated accounts, for an open source software development 'bounty' system (e.g., 'if you want to have this feature, send BTC to that address'). I want others to be able to see how much has been donated so far (or even how much they can receive if they implement the requested feature), so I don't want to accidentally spend bitcoins from the donation address.
That's just excellent work. I'm surprised it generated so little buzz and isn't adopted into the official client until now.
On a separate note, Suggester suggests a Redistribute coins button, an option which moves all your funds to a chosen number of new wallets with the desired proportion of your current coins assigned for each. A user would then be able to consolidate his wealth from all his, say, 17 addresses into just 3 new ones, with the first one containing 49% of his coins, the second one 26%, and the third 25% (he will be able to assign those %'s arbitrarily using a simple interface). Similarly, he might want to break up his single wallet into, say, 4 different wallets, using them for 4 different purposes. When the transactions clear after 10 minutes, it'll be harder for anyone to prove that this user still owns the coins previously associated with his identity.
For the suggestion to be practical for anonymity purposes though, I strongly recommend another adjustable option where the user chooses how much time to assign for the whole operation. For example, choosing "63.2 hours" would move random chunks of the coins into their new distribution over that period of time (the client would have to be connected for the whole duration). That would make plausible deniability much stronger because you usually don't have 17 people simultaneously sending all their coins to 3 new addresses! If done correctly, it will be virtually impossible after that for anyone to prove that he still owns the coins. We're essentially simulating a change-of-ownership.
This can all be currently done using windows explorer and separate wallet files, but it'll be a big pain in the butt.
That would be a great feature of an online wallet website. Just send funds with the parameters and addresses, and it'll all be done automatically by the site for a small fee. On a separate note, Suggester suggests a Redistribute coins button, an option which moves all your funds to a chosen number of new wallets with the desired proportion of your current coins assigned for each. A user would then be able to consolidate his wealth from all his, say, 17 addresses into just 3 new ones, with the first one containing 49% of his coins, the second one 26%, and the third 25% (he will be able to assign those %'s arbitrarily using a simple interface). Similarly, he might want to break up his single wallet into, say, 4 different wallets, using them for 4 different purposes. When the transactions clear after 10 minutes, it'll be harder for anyone to prove that this user still owns the coins previously associated with his identity.
For the suggestion to be practical for anonymity purposes though, I strongly recommend another adjustable option where the user chooses how much time to assign for the whole operation. For example, choosing "63.2 hours" would move random chunks of the coins into their new distribution over that period of time (the client would have to be connected for the whole duration). That would make plausible deniability much stronger because you usually don't have 17 people simultaneously sending all their coins to 3 new addresses! If done correctly, it will be virtually impossible after that for anyone to prove that he still owns the coins. We're essentially simulating a change-of-ownership.
This can all be currently done using windows explorer and separate wallet files, but it'll be a big pain in the butt.
That's just excellent work. I'm surprised it generated so little buzz and isn't adopted into the official client until now.
On a separate note, Suggester suggests a Redistribute coins button, an option which moves all your funds to a chosen number of new wallets with the desired proportion of your current coins assigned for each. A user would then be able to consolidate his wealth from all his, say, 17 addresses into just 3 new ones, with the first one containing 49% of his coins, the second one 26%, and the third 25% (he will be able to assign those %'s arbitrarily using a simple interface). Similarly, he might want to break up his single wallet into, say, 4 different wallets, using them for 4 different purposes. When the transactions clear after 10 minutes, it'll be harder for anyone to prove that this user still owns the coins previously associated with his identity.
For the suggestion to be practical for anonymity purposes though, I strongly recommend another adjustable option where the user chooses how much time to assign for the whole operation. For example, choosing "63.2 hours" would move random chunks of the coins into their new distribution over that period of time (the client would have to be connected for the whole duration). That would make plausible deniability much stronger because you usually don't have 17 people simultaneously sending all their coins to 3 new addresses! If done correctly, it will be virtually impossible after that for anyone to prove that he still owns the coins. We're essentially simulating a change-of-ownership.
This can all be currently done using windows explorer and separate wallet files, but it'll be a big pain in the butt.
On a separate note, Suggester suggests a Redistribute coins button, an option which moves all your funds to a chosen number of new wallets with the desired proportion of your current coins assigned for each. A user would then be able to consolidate his wealth from all his, say, 17 addresses into just 3 new ones, with the first one containing 49% of his coins, the second one 26%, and the third 25% (he will be able to assign those %'s arbitrarily using a simple interface). Similarly, he might want to break up his single wallet into, say, 4 different wallets, using them for 4 different purposes. When the transactions clear after 10 minutes, it'll be harder for anyone to prove that this user still owns the coins previously associated with his identity.
For the suggestion to be practical for anonymity purposes though, I strongly recommend another adjustable option where the user chooses how much time to assign for the whole operation. For example, choosing "63.2 hours" would move random chunks of the coins into their new distribution over that period of time (the client would have to be connected for the whole duration). That would make plausible deniability much stronger because you usually don't have 17 people simultaneously sending all their coins to 3 new addresses! If done correctly, it will be virtually impossible after that for anyone to prove that he still owns the coins. We're essentially simulating a change-of-ownership.
This can all be currently done using windows explorer and separate wallet files, but it'll be a big pain in the butt.
Does this patch give any sort of warning if bitcoin isn't being used through a proxy?
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
I see what you're saying although I don't think that's really a fair criticism of the patch. Obtaining any really high level of anonymity is a very complex endeavor that no patch alone will get you.
This patch and a tor patch and an integrated laundering patch would just about cover it.
It may even be worthwhile to make a network almost exactly like tor, except only for bitcoin.
why conflate the two issues?
Because to non-technical users, "privacy" is a single feature, not a series of separate technical issues.
Neither feature impacts nor increases the urgent need for the other and neither could claim to be the final "privacy" feature.
Could you also compile a 32-bit Linux binary?
I've failed to compile wxWidgets 2.9.2 and couldn't compile the patch with wxWidgets 2.8 on 32-bit Ubuntu 11.04
Quote
Does this patch give any sort of warning if bitcoin isn't being used through a proxy?
It raises the valid question whether the satoshi bitcoin client should actually have some kind of warning/button/icon to indicate that it isn't being used through a proxy.
(I mean checking in the Options... is not hard but all browsers now have the little padlock icon when a secure SSL connection is active ... for example.)
why conflate the two issues?
Because to non-technical users, "privacy" is a single feature, not a series of separate technical issues.
Does this patch give any sort of warning if bitcoin isn't being used through a proxy?
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
They're clearly separate issues that can be tackled one at a time. This patch increases privacy with respect to all transaction partners, and those that can identify the transaction partners, but does not change anything with respect to eavesdroppers. Which is fine - why conflate the two issues?
Does this patch give any sort of warning if bitcoin isn't being used through a proxy?
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
I worry that a user will be REALLY careful keeping all their addresses separated so their ordinary transactions are separate from their fund-the-oppositition transactions, and then will get busted by the Secret Police who were eavesdropping on their bitcoin IP traffic at their ISP.
I'd like it be be in the main client, but I'd like it to be called "privacy mode", as opposed to "advanced view", for its educational effect.
For further educational effect, privacy mode could enable informational warnings that let you know which addresses/identites are being linked during a transaction.
If address labels have multiple entries: identity, one to distinguish same-identity addresses, and an "Is Reused?" checkbox for send addresses that you know or expect get reused with multiple people, then the messages generated can be much more personalized and succinct, and will hit home better.
Imagine if when you tried to send some bitcoins you got a warning like this:
Or maybe replace ShadyDude with Wikileaks' public address, and RichMistress with BusinessIPatronize (who happens to reuse the same address and needed to send you a refund one time, and who is now being subpoenaed by the Stasi into identifying you as the owner of the address the sent the refund to in order to prove you donated to Wikileaks).
Clearly address reuse is really bad for privacy, and the consequences are not internalized to the address re-users, so I think new address requests (and labeling) should be automated for all clients, not just privacy-conscious ones.
Sorry if this is obvious or flawed - I'm new to this stuff - but here's an idea for how to do this:
This can be done by having a contacts list, and a single master public key from each of their contacts, from which they can deterministically derive as many addresses as they want. These addresses can't be associated by outsiders as long as the master public key is kept secret. See this post by Stefan http://forum.bitcoin.org/index.php?topic=19137.msg318989#msg318989 and the one below by gmaxwell about choosing a sequence of serial numbers for how it might be implemented: .
Of course lost master private keys will be a problem, but this can be mitigated by users having (untrusted) storage servers that serve the master public keys to their contacts (the same one that syncs your everyday-use wallet between devices?). This way they can be easily changed at any time, all at once, and in one place, if necessary, and the contacts will always check that they're up to date.
Hopefully privacy mode would also turn on Tor as well.
Considering the "Bitcoin is anonymous" spin in the media, I really think we're going to have a lot of people unwittingly find themselves in a lot of trouble with criminals, spouses, friends, governments, etc. if they can't easily learn how Bitcoin is working for them in practice. Somebody said here that users aren't stupid, but the client is making them stupid, and I completely agree.
For further educational effect, privacy mode could enable informational warnings that let you know which addresses/identites are being linked during a transaction.
If address labels have multiple entries: identity, one to distinguish same-identity addresses, and an "Is Reused?" checkbox for send addresses that you know or expect get reused with multiple people, then the messages generated can be much more personalized and succinct, and will hit home better.
Imagine if when you tried to send some bitcoins you got a warning like this:
Quote
WARNING!
This transaction will reveal to
ShadyDude:
That you own 957 BTC minus the 2 you're currently sending to them, and that you received 955.5 of them from RichMistress on June 2, 2011 at 11:38 AM (for extra effect, assume her identity is public knowledge because you know she reuses addresses with multiple people
), and 1.5 from address 1B... on May 1, 2011 at 4:56 PM.
RichMistress:
That you're sending 2 BTC to address 1M... right now, and that you received 1.5 from address 1B... on May 1, 2011 at 4:56 PM.
Wife:
That you're sending 2 BTC to address 1M... right now, and that you received 955.5 BTC from RichMistress on July 12, 2011 at 11:38 AM.
If this is too revealing, then use the Send To Address tab to manually select the addresses to send from.
This transaction will reveal to
ShadyDude:
That you own 957 BTC minus the 2 you're currently sending to them, and that you received 955.5 of them from RichMistress on June 2, 2011 at 11:38 AM (for extra effect, assume her identity is public knowledge because you know she reuses addresses with multiple people
), and 1.5 from address 1B... on May 1, 2011 at 4:56 PM.RichMistress:
That you're sending 2 BTC to address 1M... right now, and that you received 1.5 from address 1B... on May 1, 2011 at 4:56 PM.
Wife:
That you're sending 2 BTC to address 1M... right now, and that you received 955.5 BTC from RichMistress on July 12, 2011 at 11:38 AM.
If this is too revealing, then use the Send To Address tab to manually select the addresses to send from.
Or maybe replace ShadyDude with Wikileaks' public address, and RichMistress with BusinessIPatronize (who happens to reuse the same address and needed to send you a refund one time, and who is now being subpoenaed by the Stasi into identifying you as the owner of the address the sent the refund to in order to prove you donated to Wikileaks).
Clearly address reuse is really bad for privacy, and the consequences are not internalized to the address re-users, so I think new address requests (and labeling) should be automated for all clients, not just privacy-conscious ones.
Sorry if this is obvious or flawed - I'm new to this stuff - but here's an idea for how to do this:
This can be done by having a contacts list, and a single master public key from each of their contacts, from which they can deterministically derive as many addresses as they want. These addresses can't be associated by outsiders as long as the master public key is kept secret. See this post by Stefan http://forum.bitcoin.org/index.php?topic=19137.msg318989#msg318989 and the one below by gmaxwell about choosing a sequence of serial numbers for how it might be implemented: .
Of course lost master private keys will be a problem, but this can be mitigated by users having (untrusted) storage servers that serve the master public keys to their contacts (the same one that syncs your everyday-use wallet between devices?). This way they can be easily changed at any time, all at once, and in one place, if necessary, and the contacts will always check that they're up to date.
Hopefully privacy mode would also turn on Tor as well.
Considering the "Bitcoin is anonymous" spin in the media, I really think we're going to have a lot of people unwittingly find themselves in a lot of trouble with criminals, spouses, friends, governments, etc. if they can't easily learn how Bitcoin is working for them in practice. Somebody said here that users aren't stupid, but the client is making them stupid, and I completely agree.
Jump to: