[ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented - page 117.

ChipMixer

sr. member

Activity: 456

Merit: 956

https://bitcointalk.org/index.php?topic=1935098

Quote from: pnbamania on October 09, 2017, 07:49:39 PM

I have a concern people, Let's say I send 1 BTC to Chipmixer and it commonizes into smaller chips, example 0.25, 0.1,0.1,0.5 etc etc.. and it gives me the keys all good. But when you spend the transaction and spend it anywhere it seems like it's very easy to pinpoint chip mixer transactions in a block.

Lets pick any block for example and see that there will be barely any transaction that's output is EXACTLY in 0.25 or 0.1 or 0.125 and if there are any transaction you can easily link them to chip-mixer transactions. I been scrolling through last few blocks and I can't seem to find any exact whole output.. when I did a transaction it was so easy to notice on block explorer in the block that was mined.

I suppose the only privacy we get is the fact that no one can pinpoint who exactly sent how much to chip mixer.

ChipMixer provides fungibility, not secrecy.

When you use CoinJoin or TumbleBit, you fungible bitcoins but it is no secret that you used it.
When you use Tor, it hides your connection, but it is no secret that you used it.
When you use Https, it hides your data, but it is no secret that you used it.

Fungibility means that every chip-sized transaction may be owned by anyone and there is no connection with previous transactions.

Quote from: DarkStar_ on October 09, 2017, 10:41:55 PM

Quote from: ChipMixer on October 09, 2017, 02:31:07 PM

unless another "China bans Bitcoin" happens, we are ok.

But it's happened over 10 times! Roll Eyes

And every time it happens, mixed volume spikes to all time high.

DarkStar_

legendary

Activity: 2772

Merit: 3284

Quote from: pnbamania on October 09, 2017, 07:49:39 PM

Quote from: richardsNY on October 09, 2017, 12:58:53 PM

Quote from: ChipMixer on October 09, 2017, 12:43:44 PM

We are back online. Another mixers owner has sent over 7M requests to our .onion address (and it is not over yet). We have updated our code to mitigate this attack. Now every new session requires solving a captcha (sorry about that), but at least you can access ChipMixer now.

That explains why the service yesterday wasn't available for quite a long time. I have noticed that it is happening quite regularly that the service experiences a time out, while I must say that these by far aren't as severe as the time out from yesterday. It's a sign that ChipMixer is gaining popularity, which is what certain competitors can't accept. Is that same mixing service also responsible for previous time outs, or are these largely the result of more usage/demand?

I have a concern people, Let's say I send 1 BTC to Chipmixer and it commonizes into smaller chips, example 0.25, 0.1,0.1,0.5 etc etc.. and it gives me the keys all good. But when you spend the transaction and spend it anywhere it seems like it's very easy to pinpoint chip mixer transactions in a block.

Lets pick any block for example and see that there will be barely any transaction that's output is EXACTLY in 0.25 or 0.1 or 0.125 and if there are any transaction you can easily link them to chip-mixer transactions. I been scrolling through last few blocks and I can't seem to find any exact whole output.. when I did a transaction it was so easy to notice on block explorer in the block that was mined.

I suppose the only privacy we get is the fact that no one can pinpoint who exactly sent how much to chip mixer.

You get chips that were created before your deposit. Yes, someone could see that you probably got chips from ChipMixer (though there is nothing stopping you from making your own "chips"), but they don't know that the deposit transaction was. ChipMixer has a very large volume so many many others will be getting chips the same size as well, so you don't know which chip belongs to who. There's no linkage between your chips and your deposit. If you don't want it to look like you are using a mixer, sweep the chip into other addresses and then forward to your final address after.

Quote from: ChipMixer on October 09, 2017, 02:31:07 PM

unless another "China bans Bitcoin" happens, we are ok.

But it's happened over 10 times! Roll Eyes

pnbamania

full member

Activity: 267

Merit: 100

Quote from: richardsNY on October 09, 2017, 12:58:53 PM

Quote from: ChipMixer on October 09, 2017, 12:43:44 PM

We are back online. Another mixers owner has sent over 7M requests to our .onion address (and it is not over yet). We have updated our code to mitigate this attack. Now every new session requires solving a captcha (sorry about that), but at least you can access ChipMixer now.

That explains why the service yesterday wasn't available for quite a long time. I have noticed that it is happening quite regularly that the service experiences a time out, while I must say that these by far aren't as severe as the time out from yesterday. It's a sign that ChipMixer is gaining popularity, which is what certain competitors can't accept. Is that same mixing service also responsible for previous time outs, or are these largely the result of more usage/demand?

I have a concern people, Let's say I send 1 BTC to Chipmixer and it commonizes into smaller chips, example 0.25, 0.1,0.1,0.5 etc etc.. and it gives me the keys all good. But when you spend the transaction and spend it anywhere it seems like it's very easy to pinpoint chip mixer transactions in a block.

Lets pick any block for example and see that there will be barely any transaction that's output is EXACTLY in 0.25 or 0.1 or 0.125 and if there are any transaction you can easily link them to chip-mixer transactions. I been scrolling through last few blocks and I can't seem to find any exact whole output.. when I did a transaction it was so easy to notice on block explorer in the block that was mined.

I suppose the only privacy we get is the fact that no one can pinpoint who exactly sent how much to chip mixer.

Jating

hero member

Activity: 2842

Merit: 772

Quote from: ChipMixer on October 09, 2017, 12:43:44 PM

We are back online. Another mixer has sent over 7M requests to our .onion address (and it is not over yet). We have updated our code to mitigate this attack. Now every new session requires solving a captcha (sorry about that), but at least you can access ChipMixer now.

Ok. Thanks for the explanation. That's why I find it surprising that I wasn't able to access your site about a couple of days and no but to used other services that time because I have to mixed my coins and was eager to get it to my personal wallet. (sorry about that). But I will still used your services again. Just look it at the bright side, you are now gaining popularity, hence the attacked. I don't mind the solving the captcha as long as I know that my privacy here is being protected. Goodluck guys.

ChipMixer

sr. member

Activity: 456

Merit: 956

https://bitcointalk.org/index.php?topic=1935098

Quote from: richardsNY on October 09, 2017, 12:58:53 PM

It's a sign that ChipMixer is gaining popularity, which is what certain competitors can't accept. Is that same mixing service also responsible for previous time outs, or are these largely the result of more usage/demand?

After BitMixer closed and older mixers did not react, we may have risen to top3 (volume based) and most active on this forum. Other mixers may think that attacking us will give them more traffic.

Service timeouts are result of DDoS attacks, chip shortages are result of too much usage/demand. We have increased frequency of chip generation and unless another "China bans Bitcoin" happens, we are ok.

richardsNY

legendary

Activity: 1232

Merit: 1091

Quote from: ChipMixer on October 09, 2017, 12:43:44 PM

We are back online. Another mixers owner has sent over 7M requests to our .onion address (and it is not over yet). We have updated our code to mitigate this attack. Now every new session requires solving a captcha (sorry about that), but at least you can access ChipMixer now.

That explains why the service yesterday wasn't available for quite a long time. I have noticed that it is happening quite regularly that the service experiences a time out, while I must say that these by far aren't as severe as the time out from yesterday. It's a sign that ChipMixer is gaining popularity, which is what certain competitors can't accept. Is that same mixing service also responsible for previous time outs, or are these largely the result of more usage/demand?

ChipMixer

sr. member

Activity: 456

Merit: 956

https://bitcointalk.org/index.php?topic=1935098

We are back online. Another mixer has sent over 7M requests to our .onion address (and it is not over yet). We have updated our code to mitigate this attack. Now every new session requires solving a captcha (sorry about that), but at least you can access ChipMixer now.

Kyraishi

hero member

Activity: 952

Merit: 513

Quote from: Rahar02 on October 08, 2017, 06:16:30 PM

Any problem with chipmixer site? I can't access it right now.
Well, I'm accessing it through chrome browser, and just got 504 gateway time out.
There's no problem with my connection, or I should access it through tor browser?

Me neither. It shouldn't be an isolated incident, but rather something wrong on Chipmixer's side.

I'm guessing that it's just maintenance that they haven't announced. Honestly, they have no incentive at all to scam someone based on the amount of effort they have put into advertising and maintaining their service.

Just wait for them to come up again.

btcton

legendary

Activity: 1302

Merit: 1007

Quote from: TryNinja on October 08, 2017, 07:55:24 PM

Quote from: Rahar02 on October 08, 2017, 06:16:30 PM

Any problem with chipmixer site? I can't access it right now.
Well, I'm accessing it through chrome browser, and just got 504 gateway time out.
There's no problem with my connection, or I should access it through tor browser?

It's not only you. My first thought was that they were still getting DDOS'ed, but neither the clearnet nor the Tor version are working on my side.

Considering that ChipMixer has been active here in the forums, I would not be too worried. If I had to guess, they are probably figuring out a way to prevent the DDoS attacks from taking them down without having to resort to third parties such as Cloudflare. It is either that or just maintenance, unless the website also somehow got taken down through Tor, but I don't see how that could happen. 504 error refers to them not being able to access another server, but as far as I know, ChipMixer doesn't need to access any other server apart from their own, so I am not sure what could cause that.

TryNinja

legendary

Activity: 2758

Merit: 6830

Quote from: Rahar02 on October 08, 2017, 06:16:30 PM

Any problem with chipmixer site? I can't access it right now.
Well, I'm accessing it through chrome browser, and just got 504 gateway time out.
There's no problem with my connection, or I should access it through tor browser?

It's not only you. My first thought was that they were still getting DDOS'ed, but neither the clearnet nor the Tor version are working on my side.

Rahar02

hero member

Activity: 910

Merit: 523

Any problem with chipmixer site? I can't access it right now.
Well, I'm accessing it through chrome browser, and just got 504 gateway time out.
There's no problem with my connection, or I should access it through tor browser?

btcton

legendary

Activity: 1302

Merit: 1007

Quote from: LoyceV on October 06, 2017, 02:07:24 AM

Quote from: btcton on October 05, 2017, 10:55:00 PM

The potential problem is it would isolate more casual users who do not know about Tor or do not want to bother learning about it.

Although you're right most users don't know about Tor, you're wrong on the "learning" part. Using Tor is as simple as downloading the browser, just like you'd install Firefox or Chrome on your new PC.
After this, it's pretty straight forward to use the browser.

I am not talking strictly about using Tor, as you are right, it is not really hard. However, outside of those of us who have used it before, it has a negative connotation that is usually associated with suspicious and illegal activity on the dark web. What I was referring to is people understanding what Tor really is and how it works and the reason it could be used instead of other non-private protocols. The actual act of using it is fairly simple, of course.

cafucafucafu

hero member

Activity: 812

Merit: 509

Quote from: ChipMixer on October 06, 2017, 02:28:22 PM

Quote from: LoyceV on October 06, 2017, 02:07:24 AM

@ChipMixer: the video on your site has been a placeholder for quite a while now. That can't be good for new users.

You are right, we have had too much other ideas and video was never finished. We have received a lot of question both here and at support e-mail. We will use this knowledge with the video.

Great to know, chipmixer.

BTW, have you implemented anything to prevent the chips running out yet? I think that is a major issue that you need to solve before even considering to place the video there. Once you solve that issue, you can move onto other things.

ChipMixer

sr. member

Activity: 456

Merit: 956

https://bitcointalk.org/index.php?topic=1935098

Quote from: LoyceV on October 06, 2017, 02:07:24 AM

@ChipMixer: the video on your site has been a placeholder for quite a while now. That can't be good for new users.

You are right, we have had too much other ideas and video was never finished. We have received a lot of question both here and at support e-mail. We will use this knowledge with the video.

cafucafucafu

hero member

Activity: 812

Merit: 509

Quote from: LoyceV on October 06, 2017, 02:07:24 AM

Quote from: btcton on October 05, 2017, 10:55:00 PM

The potential problem is it would isolate more casual users who do not know about Tor or do not want to bother learning about it.

Although you're right most users don't know about Tor, you're wrong on the "learning" part. Using Tor is as simple as downloading the browser, just like you'd install Firefox or Chrome on your new PC.
After this, it's pretty straight forward to use the browser.

@ChipMixer: the video on your site has been a placeholder for quite a while now. That can't be good for new users.
Also: I suggest you remove the word "below":

Quote

Watch the video ~~below~~ to learn more about ChipMixer.

Definitely. Pretty much there has been a placeholder there ever since the new version of Chipmixer has been around, i mean i get that the team is probably busy with other stuff but i believe that a video is especially necessary for new users specifically as well.

Adding a video can boost confidence in the service for first timers by a lot as well, imo.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: btcton on October 05, 2017, 10:55:00 PM

The potential problem is it would isolate more casual users who do not know about Tor or do not want to bother learning about it.

Although you're right most users don't know about Tor, you're wrong on the "learning" part. Using Tor is as simple as downloading the browser, just like you'd install Firefox or Chrome on your new PC.
After this, it's pretty straight forward to use the browser.

@ChipMixer: the video on your site has been a placeholder for quite a while now. That can't be good for new users.
Also: I suggest you remove the word "below":

Quote

Watch the video ~~below~~ to learn more about ChipMixer.

btcton

legendary

Activity: 1302

Merit: 1007

Quote from: audaciousbeing on October 05, 2017, 04:36:48 AM

Quote from: btcton on October 04, 2017, 01:32:28 PM

Quote from: pnbamania on October 04, 2017, 12:18:18 AM

Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol

That would be the HTTPS protocol, which as you might expect, ChipMixer is already using. When you try visiting ChipMixer.com, you will find yourself redirected to https://chipmixer.com rather than http://chipmixer.com. If you click on the lock in your address bar when this happens, you will see all of the information related to the encryption used, website identity, etc.

On a side note, it seems like the site is still down. I am not well versed in the methods possible to resist DDoS attacks, only simply jargon such as null-routing incoming traffic, but as a reminder to anyone trying to use the website when it's down, feel free to access it through Tor.

It actually took me a while to identify the difference in the two options you posted. If the DDOS attack is too much and there is no way around it without compromising the privacy of users, then I dont see anything wrong in migrating completely to Tor. Anybody who even value privacy to have been convinced on going through with mixing services, should also be aware of Tor and even more convenient in using it by default.

I think at this point, emphasis should be placed more on the Tor version of the site if the normal is becoming unavailable for use at the right time.

The potential problem is it would isolate more casual users who do not know about Tor or do not want to bother learning about it. Not everyone who uses mixers goes all the way with privacy tools such as Tor. I can use myself as an example: I do not really care much for what information my ISP could get from my browsing history; I do not really do anything that would raise any flags or be seen as illegal or as a violation of their ToS. My reason for using ChipMixer is simply to cut ties between any old addresses and my new ones as well as making sure no trace is left when switching wallets. I do not really use Tor as I have no need for it, but I do have a need (or at least significant want) for making sure my bitcoins are properly mixed.

audaciousbeing

hero member

Activity: 1330

Merit: 569

Quote from: btcton on October 04, 2017, 01:32:28 PM

Quote from: pnbamania on October 04, 2017, 12:18:18 AM

Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol

That would be the HTTPS protocol, which as you might expect, ChipMixer is already using. When you try visiting ChipMixer.com, you will find yourself redirected to https://chipmixer.com rather than http://chipmixer.com. If you click on the lock in your address bar when this happens, you will see all of the information related to the encryption used, website identity, etc.

On a side note, it seems like the site is still down. I am not well versed in the methods possible to resist DDoS attacks, only simply jargon such as null-routing incoming traffic, but as a reminder to anyone trying to use the website when it's down, feel free to access it through Tor.

It actually took me a while to identify the difference in the two options you posted. If the DDOS attack is too much and there is no way around it without compromising the privacy of users, then I dont see anything wrong in migrating completely to Tor. Anybody who even value privacy to have been convinced on going through with mixing services, should also be aware of Tor and even more convenient in using it by default.

I think at this point, emphasis should be placed more on the Tor version of the site if the normal is becoming unavailable for use at the right time.

btcton

legendary

Activity: 1302

Merit: 1007

Quote from: pnbamania on October 04, 2017, 12:18:18 AM

Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol

That would be the HTTPS protocol, which as you might expect, ChipMixer is already using. When you try visiting ChipMixer.com, you will find yourself redirected to https://chipmixer.com rather than http://chipmixer.com. If you click on the lock in your address bar when this happens, you will see all of the information related to the encryption used, website identity, etc.

On a side note, it seems like the site is still down. I am not well versed in the methods possible to resist DDoS attacks, only simply jargon such as null-routing incoming traffic, but as a reminder to anyone trying to use the website when it's down, feel free to access it through Tor.

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

Quote from: ChipMixer on October 04, 2017, 05:41:23 AM

Quote from: HeRetiK on October 04, 2017, 02:18:32 AM

Cloudflare is basically a legitimized man-in-the-middle attack, ie. while the data gets encrypted between User / Cloudflare and Cloudflare / ChipMixer the data still gets decrypted -- and possibly stored -- on Cloudflare's server.

This is correct.
In case of other mixers using CloudFlare, CloudFlare knows your input address and output addresses. In our case, if we would use CloudFlare, CloudFlare would know input addresses and private keys. CloudFlare is US company so it is reasonable to think that any three letter institution could get an access by court order.

Holy shit I absolutely forgot about the private keys. Those would indeed fall into CloudFlare's hands as well. Not only that, just imagine something like Cloudbleed happening again. That'd be disastrous.

Quote from: mocacinno on October 04, 2017, 07:55:57 AM

[...]

* cloudflare has 2 SSL "modes": flexible and full. For an enduser, it's allmost impossible to tell wether the site he's visiting is using full or flexible SSL mode. If a site is setup with the flexible SSL mode, it is possible for your data to be encrypted between your computer and cloudflare, but unencrypted (over port 80) between cloudflare and the server. So, if everything is setup correctly (full ssl mode), there is no problem, but if the admin was lazy and setup the flexible ssl mode, the user might never know his data is being transferred unencrypted.

[...].

That's why every dev team needs "that paranoid guy" making sure that shit like that doesn't fly Wink

Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented - page 117. (Read 92822 times)