Author

Topic: [ANN] ChipMixer.com - Bitcoin mixer / Bitcoin tumbler - mixing reinvented - page 118. (Read 92891 times)

legendary
Activity: 3612
Merit: 5297
https://merel.mobi => buy facemasks with BTC/LTC
Cloudflare is basically a legitimized man-in-the-middle attack, ie. while the data gets encrypted between User / Cloudflare and Cloudflare / ChipMixer the data still gets decrypted -- and possibly stored -- on Cloudflare's server.
This is correct.
In case of other mixers using CloudFlare, CloudFlare knows your input address and output addresses. In our case, if we would use CloudFlare, CloudFlare would know input addresses and private keys. CloudFlare is US company so it is reasonable to think that any three letter institution could get an access by court order.

The reason given by chipmixer in the post above mine ^^ is the main reason why a mixer shouldn't use cloudflare. There are other reasons tough, like there are:
* cloudflare is able to inject any type of content into any page that goes trough their servers
* cloudflare has 2 SSL "modes": flexible and full. For an enduser, it's allmost impossible to tell wether the site he's visiting is using full or flexible SSL mode. If a site is setup with the flexible SSL mode, it is possible for your data to be encrypted between your computer and cloudflare, but unencrypted (over port 80) between cloudflare and the server. So, if everything is setup correctly (full ssl mode), there is no problem, but if the admin was lazy and setup the flexible ssl mode, the user might never know his data is being transferred unencrypted.
* the mixer admin has to sign in to his cloudflare account pretty often, so if he's not carefull with using a VPN all the time, his ip might get logged on an US based company's server
* cloudflare protection is terrible when you try to visit a clearnet url over tor
*...

Don't get me wrong, i love cloudflare, but i don't think it should be used for mixers, banks,...
sr. member
Activity: 456
Merit: 956
https://bitcointalk.org/index.php?topic=1935098
Cloudflare is basically a legitimized man-in-the-middle attack, ie. while the data gets encrypted between User / Cloudflare and Cloudflare / ChipMixer the data still gets decrypted -- and possibly stored -- on Cloudflare's server.
This is correct.
In case of other mixers using CloudFlare, CloudFlare knows your input address and output addresses. In our case, if we would use CloudFlare, CloudFlare would know input addresses and private keys. CloudFlare is US company so it is reasonable to think that any three letter institution could get an access by court order.
legendary
Activity: 3150
Merit: 2185
Playgram - The Telegram Casino
Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol
Chipmixer uses an encrypted connection.
I'm not sure how Cloudflare works in the details, but I can imagine Cloudflare must some how know who is a legit user, and who is just a DDOS-bot spamming. Until reading it here, I didn't realize that compromises privacy.

Cloudflare is basically a legitimized man-in-the-middle attack, ie. while the data gets encrypted between User / Cloudflare and Cloudflare / ChipMixer the data still gets decrypted -- and possibly stored -- on Cloudflare's server.

As far as i know Cloudflare's DDoS protection isn't even all that effective. Or rather, it works for basic DDoS attacks, but more sophisticated attackers will work around Cloudflare's DDoS protection either way.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol
Chipmixer uses an encrypted connection.
I'm not sure how Cloudflare works in the details, but I can imagine Cloudflare must some how know who is a legit user, and who is just a DDOS-bot spamming. Until reading it here, I didn't realize that compromises privacy.
full member
Activity: 267
Merit: 100
Ok I am a noob and I don't know much of technical stuff but can't Chip-mixer make a encrypted connection between the client and it's servers so if a third party is involved the data is well encrypted? I don't know if it's even possible lol
legendary
Activity: 1232
Merit: 1091
An external server basically means that you should consider your information compromised.

That's also the reason this forum doesn't make use of cloud flare, and that while a mixing service has far more priority to offer an ultra form of privacy (as far as possible), and thus skip third party services for better overall accessibility. I have used ChipMixer several times now, and only once did I experience an outage, which lasted like 5 minutes -- it's definitely annoying, but I am willing to take an occasional outage for granted to keep the highest possible form of anonymity.
legendary
Activity: 1526
Merit: 1179
the same client you trying to protect their privacy wouldn't mind using the competitors service despite the cloudfare thing in existence.
I am a client as well, and I actually do mind it when a mixing service makes use of an external service such as cloudflare. Chances for abuse are extremely small, but people make use of a mixing service for a reason.

If data goes through another machine, there is no way that anyone, or at least ChipMixer itself can guarantee that everything related to your mixing session won't be saved on whatever server for ever.

Noob users likely won't care, but those who are very privacy minded are insanely paranoid when it comes to logs being stored for longer than the promised time frame ~ these are usually the higher volume users.

An external server basically means that you should consider your information compromised.
hero member
Activity: 1330
Merit: 569
It's most likely another DDOS. It's very cheap to do, and very hard to prevent.
There is a cheap way to prevent it - use CloudFlare (or something similar) like other mixers do.
The problem is that it puts another, non-ChipMixer-controlled machine between ChipMixer and user.
We cannot ensure your privacy this way, so we do not use their service.

Its all good for the explanation and it will be better if there is a notification to that effect on the site when its down for users. I think its because a lot of mixers have gotten into the community and they are trying to gain attention as well and for people who felt its time to discredit ChipMixer for reasons best known to them but little did they forget that the market is big enough for everyone to feature in.

I think you still need to look for something around the cloudfare option and still be able to ensure the privacy of users because when these attack becomes too much, the same client you trying to protect their privacy wouldn't mind using the competitors service despite the cloudfare thing in existence.
sr. member
Activity: 456
Merit: 956
https://bitcointalk.org/index.php?topic=1935098
It's most likely another DDOS. It's very cheap to do, and very hard to prevent.
There is a cheap way to prevent it - use CloudFlare (or something similar) like other mixers do.
The problem is that it puts another, non-ChipMixer-controlled machine between ChipMixer and user.
We cannot ensure your privacy this way, so we do not use their service.
legendary
Activity: 2968
Merit: 1895
...

In recent days I tried out ChipMixer.  Because it works differently than other mixers I have used is was slightly (slightly!) confusing to me as a first time user, but every thing went just fine.  I split my BTC into two chips, withdrew one fairly quickly, and took a voucher on the other one.

Later I went back and cashed in the voucher.  All OK.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
if I want to deposit from lots ins with big tx size probably not a good idea
unless I want to spend good amount on fee to speed it up before 48 hrs time's up. correct?
You could send all your inputs to one address of your own first. From there, you can send faster without high total fee. Fees aren't so high at the moment, 20 sat/byte should get you a decent confirmation time. If you want less than that for many small inputs, doing it on a Sunday is your best bet.
Recently I've seen transactions under 10 sat/byte get confirmed again too, in just a few hours.
If your deposit somehow takes more than 48 hours to confirm, you can always "reset" the timer and have 48 hours again. Just don't forget to check daily if you need this.

Quote
second, mix & withdraw step, is it possible after splitting into several chips (say 4 chips)
then withdraw 1 chip and deposit (get 3 vouchers) for later use?
and can we also mix these vouchers with next deposit on another session?
Yes, you can do this. Treat vouchers the same way as you treat private keys: make safe backups, don't show them to anyone.

Quote
I think it would be great if you could make a dummy session to let people learn it
sometime people learn faster by doing and example than reading instructions  Roll Eyes
thanks...
You can try with a small amount, ChipMixer doesn't ask a high minimum amount to start mixing.
legendary
Activity: 3612
Merit: 5297
https://merel.mobi => buy facemasks with BTC/LTC
--snip
first, if I want to deposit from lots ins with big tx size probably not a good idea
unless I want to spend good amount on fee to speed it up before 48 hrs time's up. correct?
--snip

Yes, but this has nothing to do with the way chipmixer works... It's just bitcoin's protocol. If your transaction size goes up, so does the recommanded fee.
As a matter of fact, you have to realise that if you controll a lot of very small unspent outputs, eventually you're going to have to pay a high fee to spend them. It does not matter if you have to pay the fee while funding a mixer's address, or if you have to pay this fee while paying for a pizza.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
I clicked "start mixing" button just want to see the mixing process
but I haven't actually made deposit and tried it for real yet
first, if I want to deposit from lots ins with big tx size probably not a good idea
unless I want to spend good amount on fee to speed it up before 48 hrs time's up. correct?
second, mix & withdraw step, is it possible after splitting into several chips (say 4 chips)
then withdraw 1 chip and deposit (get 3 vouchers) for later use?
and can we also mix these vouchers with next deposit on another session?

I think it would be great if you could make a dummy session to let people learn it
sometime people learn faster by doing and example than reading instructions  Roll Eyes
thanks...
HCP
legendary
Activity: 2086
Merit: 4363
Is the site down? I keep getting a "This site can't be reached" error.
If it's down for maintenance, when will you be up and running again? Please let me know. Trying to teach and convince my (skeptical) friend how mixers work.
@warningsigns: It's most likely another DDOS. It's very cheap to do, and very hard to prevent.
You can try the Tor-version of the site.
Can confirm... the TOR network .onion site is working perfectly fine in Tor-Browser... the "normal" .com clearnet site just times out Undecided

Seems like ChipMixer is a victim of it's own popularity and success... #hatersGonnaHate
hero member
Activity: 896
Merit: 1082
@warningsigns: It's most likely another DDOS. It's very cheap to do, and very hard to prevent.
You can try the Tor-version of the site.


This is really sad. All these sick characters and their perverted acts, wasting other people's time and opportunities. I know it's wrong to say this but there should be mandatory abortion laws for wives of those found to be responsible for these attacks. They should not be allowed to multiply and populate this planet with more of their kind. There. Got it off my chest.

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
@warningsigns: It's most likely another DDOS. It's very cheap to do, and very hard to prevent.
You can try the Tor-version of the site.
hero member
Activity: 896
Merit: 1082
Is the site down? I keep getting a "This site can't be reached" error.

If it's down for maintenance, when will you be up and running again? Please let me know. Trying to teach and convince my (skeptical) friend how mixers work.

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
what makes this different than "depositing to exchanger and withdrawing back"
The difference: logfiles.
Exchanges keep track of all transactions for eternity, mixers delete all records.
hero member
Activity: 1232
Merit: 738
Mixing reinvented for your privacy | chipmixer.com
while looking for a signature campaign, I stumbled on chipmixer campaign
too bad, the campaign is closed for new participant
however I continue reading this Ann and a few last pages, and want to ask
what makes this different than "depositing to exchanger and withdrawing back"
wouldn't it somewhat similar on the ins & outs & trust on the 3rd party?
the process in the middle, between ins & outs, definitely completely different
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
After being on my knees basically crying in front of my PC, I had a thought, I have Pushbullet installed on my phone/pc which has universal copy/paste. I went into my phone and then into my text app which has a clipboard and low and behold there are all of the private keys along with a few other things I had recently copied.
Lucky you!
On a side note, this app seems like a security risk to me. If I understand correctly, this app shares your clipboard? In this case it saved you, but the opposite could happen when you import the private keys into Electrum, and someone gets a hold of your phone the next day.
Jump to: