Topic: An unknown person or group may be collecting the IP addresses of Bitcoin (Read 266 times)

yes this topics FUD is about doing the crawling using known connections to then find more connections (its how the network normally works)

its not about some entity just random bruting every IP of the entire internet to test which of every internet user is using bitcoin

this process discussed is not about staying connected to all nodes to then watch for who broadcasts a tx first to locate which tx belongs to which node

According to pseudonymous developer 0xB10C's blog post, the entity allegedly used a number of different IP addresses to connect to Bitcoin full nodes on the network and ask them which version of Bitcoin software they are using.

 The blog post speculates that the entity is attempting to determine whether a particular node can be reached at a particular IP address, thereby violating the privacy of Bitcoin holders connected to those nodes.

If I have not misunderstood all the ip addresses used seem to come from a limited area.  Anyway my advice is to use an OS like Tails under tor on a USB key to manage your wallets.  I know I have a certain security mania.  Even qubes OS is not bad, indeed.

Read what franky1 said and a few others. This is noting new. There are sites that have been doing it for years. THERE ARE OR WERE A FEW THINGS ON GITHUB THAT WOULD DO THIS. All nodes can find out about all other nodes. That is how BTC works.

Part of me wants to report this thread, another wants it to stay up to fight FUD so there is real info out there.

-Dave

Governmen

Could this be an attempt by some government, or set of governments, to limit bitcoin in some way? It could be the prelude to a "war" aimed at limiting privacy and anonymous transactions that world governments want to carry on.

It's interesting find. But it's nothing new and IIRC Chanalysis also did same thing by running bunch of Bitcoin full node Electrum server. Although i wonder how effective is it to find origin of a transaction only by listening for inv message only for 150 seconds on 18% or less connection.


In addition, OP should also state that he only copy statement from https://cointelegraph.com/news/mysterious-entity-may-be-collecting-btc-users-ip-addresses-bitcoin-developer.

node crawlers only link up for seconds. they dont stay connected to then sniff out transaction broadcasts

the whole point of the bitcoin network is to find other peers to talk to.. so if you are a noob wondering why nodes connect to nodes.. its called a peer 2 peer network.

nodes are suppose to find each other
mode nodes only want to connect to like 8 other nodes. some more.. and yes it seems nodes trying to search out 15,000+ other nodes may seem a bit too much and may seem suspect, but no its not suspect. even the core devs do it themselves. they have crawlers and bitdns seeds that gather thousands of connection details.

knowing your ip or tor domain does not reveal your real life name. its just connection details

if someone has been telling you about privacy and anonymity. they lied bitcoin is not anonymous, its pseudonymous

bitcoin does not specifically KYC your life story. but it also does not do anything to hide you should you reveal your life to others

this is why people need to put in the extra effort to think about what they reveal to others.
such as using tor, proxies, vpn

That's why a blockchain is said to be an open distributed ledger, anyone can have access to them, but remember that the right they don't have is to alter anything from it, which is when immutability comes in, so if you think you're very conscious of your privacy and wouldn't want to be traced, then avoid centralized exchanges, run your own full node on the blockchain, bitcoincore is a good recommendation here.

Government can't use this method as mentioned that it was a violation of privacy even they don't try to show it to public. This is one of the pros but the one I consider cons is that once their system is hacked, it's possible that those data might leak. There's many events that have the same scenario just like this. For example Facebook was sued for the same situation where the CEO of Facebook ( Mark Zuckerberg ) was in court. Recently I've also seen the TikTok CEO also having the same situation which he had to defend the privacy data of it's users.

You should reference the original article from 0xB10C: LinkingLion: An entity linking Bitcoin transactions to IPs? Do dandelions help against lions?

The Summarise:


Anyone who have done bitcoin transaction without using their own node should expect that the transaction can be tracked, even without this LinkingLion thing. The solution for the users themselves is to simply run their own node, and currently, also using the mitigation ways as stated in the article to block the alleged LinkingLions' motive.

from what you are explaining its just grabbing data from bitcoin DNS seed nodes and then node crawling for more. well thats something thats always been done
many websites show dozens of thousands of ip addresses of IP nodes

bitnodes.io has had lists for years

bitnodes does it by not just asking for user agent details but asking for the getaddr command that means it asks the connected node for their connected nodes. this is called 'crawling'

But is this method possible by determining its bitcoin address that simple. Its clearly an attempt to do that and if forced thats a violation of privacy. Im wondering why the government wouldnt try to use a platform for this to hunt those scammers. Maybe it will be helpful but this will also be a chaos for those people who only eant their identity hidden.

I don't know for sure however, a look at the entity's behavior suggests that it might try to determine if a certain node is reachable at a certain IP address by linking to their Bitcoin address.

If that data is publicly available information, it is not a violation for someone to try to access that data and use it.

Run your node over TOR for extra privacy.

BTC users and linking them to their BTC addresses, violating the privacy of these users, according to a blog post from pseudonymous Bitcoin app developer 0xB10C. The entity has been active since March 2018, and its IP addresses have shown up on several public posts from Bitcoin node operators over the past several years.

0xB10C is the developer of several Bitcoin analytics websites, including Mempool.observer and Transactionfee.info. They have also been awarded a Bitcoin developer grant from Brink.dev in the past.

0xB10C calls the entity “LinkingLion” because the IP addresses associated with it pass through LionLink network’s colocation data center. However, ARIN and RIPE registry information reveal that this company is probably not the originator of the messages, according to 0xB10C.

The entity uses a range of 812 different IP addresses to open connections with Bitcoin full nodes that are visible on the network (also called “listening nodes”). Once it opens a connection, the entity asks the node which version of the Bitcoin software it is using. However, when the node responds with a version number and message stating that it has understood the request, the entity closes its connection about 85% of the time without responding.

According to the post, this behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.

Anyone know about this?