Pages:
Author

Topic: Anonymity - page 4. (Read 68861 times)

sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 21, 2010, 05:30:09 AM
#54
No offense, and are you sure about that?  Even from a nontechnical perspective, having a fully-public transaction history is troubling, to say the least.

The full transaction history of every transaction everybody makes is available. (If that is what you were questioning.)
What do you think is in the block chain?
The Anonymity comes from not knowing who 'owns' a particular Bitcoin Address.
administrator
Activity: 5222
Merit: 13032
August 21, 2010, 05:11:11 AM
#53
When I say that someone doesn't know who you are, I mean that you're talking to them through Tor with a disposable identity and not giving them any information about yourself. They have to defeat Tor in order to identify you.

An incredibly powerful attacker might be able to group addresses that ordinarily couldn't be grouped, but they don't gain anything from this when all of your addresses were used safely. Even if an attacker can find every address in your wallet and they can talk to all of the people you transacted with using those addresses, they can't identify you because you were talking to all of these people through Tor.

This is an unusual case. I doubt ichi is actually doing this. Most people will need to acquire Bitcoins non-anonymously, put them into a separate balance, mix them (as I've described in this thread), and then send them to people who they deal with through Tor.
member
Activity: 182
Merit: 10
August 21, 2010, 04:36:26 AM
#52
@EconomyBuilder

No offense, and are you sure about that?  Even from a nontechnical perspective, having a fully-public transaction history is troubling, to say the least.

Although every $20 bill that I've used has my DNA on it (except perhaps for the ones I've digested with hog pancreatic DNase) and every $20 bill has cocaine on it, there's arguably no persuasive evidence that I'm using cocaine.  Right?  Couldn't Bitcoins be randomized just as $20 bills are?  For example, could something like this scheme provide anonymity?
newbie
Activity: 9
Merit: 0
August 21, 2010, 03:56:19 AM
#51
Quote
"You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are."

(1) How am I supposed to know who "knows" me and who doesn't?   Strangers to me often have all sorts of information about me in their databases, even if I have never heard of them before.

(2) A sufficiently unique and detailed set of transactions can be sufficient to uniquely identify you, like a fingerprint.

Any anonymity in this system is very weak and won't withstand any vigorous investigation effort by competent technical investigators.  It bears no resemblance to the strong anonymity available with, for example, David Chaum's digital cash and various relatives of that blind-signature scheme.     It is in no sense secure in the same kind of way the hash chain or other cryptographic properties of the system are secure.   Of course the Chaumian ecash systems don't have the decentralized trust in terms of transaction clearing that this system has.   So there's you're tradeoff, better currency security but no strong anonymity.   It's probably reasonable to give up anonymity for better currency security if one has to make that tradeoff, but let's not throw around the description "anonymous" as if Bitcoin securely has that property, it does not.

Now somebody could develop a system to issue securely anonymous digital bank notes, and use bitcoins as the reserve currency for the issuing bank(s), thus achieving both strong anonymity and currency security greater than fiat or government-currency-backed anonymous cash.   One could audit the bank reserves by looking at its publicly signed bitcoin chains (taking advantage of the *lack* of anonymity in Bitcoin).   This strikes me as a pretty nice combination, but it would require some additional software and services currently lacking.
legendary
Activity: 1708
Merit: 1010
August 18, 2010, 01:18:36 PM
#50
You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are.
Good.  Thank you.  I was never intending to do either.  I'm intending to use Bitcoin only where anonymity is one of the goals.

I'm sort of the opposite.  I don't really need or depend upon the anonymity aspect of Bitcoins, but the fact that it is there is something that I don't mind and can serve a useful purpose from time to time.  There is value in Bitcoins for me even if anonymity were completely compromised, and would be fine with identity being merely difficult to trace rather than impossible.  I also know that isn't necessarily the attitude of everybody, and on the whole if there is something that can improve the identity security of users of this software, I'm completely supportive of the idea.

Put me mostly in the pragmatic camp here if it can be said.



I suppose that I am in your pragmatic camp as well, as I do not really require the anonymity of bitcoins, yet I can also see the value to others (and therefore to myself).
full member
Activity: 224
Merit: 141
August 18, 2010, 11:58:55 AM
#49
You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are.
Good.  Thank you.  I was never intending to do either.  I'm intending to use Bitcoin only where anonymity is one of the goals.

I'm sort of the opposite.  I don't really need or depend upon the anonymity aspect of Bitcoins, but the fact that it is there is something that I don't mind and can serve a useful purpose from time to time.  There is value in Bitcoins for me even if anonymity were completely compromised, and would be fine with identity being merely difficult to trace rather than impossible.  I also know that isn't necessarily the attitude of everybody, and on the whole if there is something that can improve the identity security of users of this software, I'm completely supportive of the idea.

Put me mostly in the pragmatic camp here if it can be said.
member
Activity: 182
Merit: 10
August 17, 2010, 10:20:16 PM
#48
You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are.
Good.  Thank you.  I was never intending to do either.  I'm intending to use Bitcoin only where anonymity is one of the goals.
administrator
Activity: 5222
Merit: 13032
August 17, 2010, 08:34:25 PM
#47
Quote from: ichi
How would they find me?  What's the equivalent of my street address?  Is it just the network of clients that I've done transfers with?  What if none of them know who I am?  Am I missing something?

The history of your coins is your "street address". Anyone who knows any of your addresses can see all past and future transactions for coins gotten with that address, even if those coins are (or have been) transferred to different addresses.

You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are.
legendary
Activity: 1708
Merit: 1010
August 17, 2010, 06:20:49 PM
#46
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool

Why would the addresses need to be fake?  It is a good way to inexpensively referrence a purchase online.  Say, for example, that you wish to order something from an automated commerce website that costs 205.53 bitcoins.  There is still six digits of the bitcoin that can be used to imprint an order number.  Say the order number is 633729, the total cost of the order would look like 205.53633729 bitcoin on the blockchain.  Granted, the commerce site could issue a new address for every order, but what if they had some reason not to do that.  What if each unique customer had an address assigned to them, but the ecommerce site desired to positively identify each of that person's orders from one another without requiring some kind of additional message parameters that bitcoin does not support, and even if it did, would provide TMI about the transaction.
full member
Activity: 224
Merit: 141
August 17, 2010, 06:03:01 PM
#45
Not really any different from the classified ad.

Yes, you could do this with something on Craig's List too.  Some of it would depend upon the triggering mechanism and how light-weight you would need the software stack, and to make sure you aren't tipping off somebody looking for messages of that nature that just seem a little bit odd.  A coin transfer would be harder to spot as something a little bit off and I think you might be able to create a lightweight version of Bitcoins that could be smaller than an http scanner to act as a trigger.

Anyway, for those who are into terrorist activities, I'm sure you can come up with dozens of ways to accomplish that kind of mechanism.  Perhaps some day I'll set up something that will release my blueprints to the Area 51 facility that will be untraceable.
member
Activity: 182
Merit: 10
August 17, 2010, 12:41:21 AM
#44
From the "Anonymity" article on the wiki:
Quote
Sending coins to a different computer under your control will give you some plausible deniability. However, an investigator is still likely to find you and demand to know who you sent the coins to. If they search your stuff, they'll probably find your other computer. If the attacker is not law enforcement (or maybe even if they are), they might kill you “just in case”. If you use this method, send bitcoins in small increments (no more than 50 BTC, but as small as you're willing to use) to avoid combining coins, which reduces anonymity.
Determining my true identity would be nontrivial.  Even XeroBank doesn't know who owns the email address posted in my profile.  If y'all complained enough about me, they'd nuke the account, but they still wouldn't know who I am.  Indeed, I'd still be paying for the account, even though it no longer existed.  Google "VAULTS".  Of course, they may be lying about all that  Wink

Quote
Also:
Quote
Tor prevents network analysis and should be used, but it won't help make your Bitcoin balance “clean” The attacker isn't talking to you over the Internet; they're looking at your changes to the block  chain. This is similar to posting a threat and your street address on a message board using Tor – Tor doesn't stop the police from finding you.
How would they find me?  What's the equivalent of my street address?  Is it just the network of clients that I've done transfers with?  What if none of them know who I am?  Am I missing something?
lfm
full member
Activity: 196
Merit: 104
August 16, 2010, 08:03:09 PM
#43
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool

That is an interesting application of Bitcoins that I hadn't thought of.  Sending 0.0000001 BTC to some "trigger" address to detonate some weapon or to trigger a bot/virus to send a simple (even "complex") message when the value is received.  I could think of several "covert" applications to something of that nature, and it would be difficult to trace the origin of that transmission too.

Not really any different from the classified ad.
full member
Activity: 224
Merit: 141
August 16, 2010, 07:10:34 PM
#42
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool

That is an interesting application of Bitcoins that I hadn't thought of.  Sending 0.0000001 BTC to some "trigger" address to detonate some weapon or to trigger a bot/virus to send a simple (even "complex") message when the value is received.  I could think of several "covert" applications to something of that nature, and it would be difficult to trace the origin of that transmission too.

Other peer-to-peer networks could work along a similar approach, but the current organization of Bitcoins assures that everybody in the entire network is aware of the transaction in a relatively short period of time (usually just an hour or less) and even temporarily split off sections of the network will eventually get the message out.

I've heard about this being done in the financial industry where somebody will send out an ask/bid order for stocks or mutual funds that is far outside of normal trading boundaries as a means to transmit a message in some fashion (aka bidding $5 for Berkshire Hathaway Class "A" stock).  I'm sure other examples could be given but it is something that has already been discussed in other forums and even has fiction written about it.  Tom Clancy wrote about it in terms of a trigger event for a melt-down of Wall Street in one of his novels.

It is the persistence that nodes have for transmitting transactions to each other that would be beneficial here.  If anything, this is a consequence of becoming more anonymous in terms of the transactions.
sr. member
Activity: 252
Merit: 268
August 16, 2010, 05:47:31 PM
#41
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool

It would be just terrible if people realized there was a way to post messages to the internet.  Roll Eyes
Bitcoin is much harder to crash than your average web server. Bitcoin is harder to manipulate than your average decentralized message board.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
August 16, 2010, 05:31:27 PM
#40
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool

It would be just terrible if people realized there was a way to post messages to the internet.  Roll Eyes
administrator
Activity: 5222
Merit: 13032
August 16, 2010, 04:36:16 PM
#39
Quote from: ichi
It's become my practice to create a new Ubuntu VM / Bitcoin client for each major transaction, and to trash it after subsequent transfers to longer-term clients.  The IPs are anonymized.  Does that actually increase anonymity?

From the "Anonymity" article on the wiki:
Quote
Sending coins to a different computer under your control will give you some plausible deniability. However, an investigator is still likely to find you and demand to know who you sent the coins to. If they search your stuff, they'll probably find your other computer. If the attacker is not law enforcement (or maybe even if they are), they might kill you “just in case”. If you use this method, send bitcoins in small increments (no more than 50 BTC, but as small as you're willing to use) to avoid combining coins, which reduces anonymity.

Also:
Quote
Tor prevents network analysis and should be used, but it won't help make your Bitcoin balance “clean” The attacker isn't talking to you over the Internet; they're looking at your changes to the block  chain. This is similar to posting a threat and your street address on a message board using Tor – Tor doesn't stop the police from finding you.

Quote from: ichi
To be explicit, my threat model is this: Can I remain anonymous when all with whom I exchange bitcoin are conspiring to identify me?  For me, here and now, that's probably overkill, in that I'm just a guy buying anonymous connectivity and server resources.  In China, OTOH?  Anywhere in ten years?  Hard to say.

As long as it's not illegal to use Bitcoin, Bitcoin can satisfy that threat model. The current implementation does not, however.

Quote from: RHorning
I'm not talking about extending the protocol here at all.... as a matter of fact it is a simplification of the protocol and perhaps even the client software too.  There is no reason to have a special case if the transaction happens to go to a key that exists on that same computer, and certainly no reason for any extra data to be recorded that would indicate a self-referential transaction that appears externally as anything other than a coin transfer from one user to another.  Explicit special coding must happen for that situation to occur... in other words software development effort has been spent to make the current situation that removes anonymity.  It is a case where keeping it simple helps improve the overall algorithm.

I agree that the behavior should be changed. The change is not really a simplification, though: it's the use of hashes (addresses) that is a bit of a "hack". The thought was probably, "We know the public key, so let's avoid all of that hashing garbage."
sr. member
Activity: 252
Merit: 268
August 16, 2010, 04:26:04 PM
#38
Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Shocked Publish them with Bitcoin. Cool
sr. member
Activity: 416
Merit: 277
August 16, 2010, 11:53:34 AM
#37
Quote
Related question.  Suppose one created an address, and then took the host client down.  And suppose someone then sent bitcoin to that address.  Would that bitcoin exist indefinitely in limbo, waiting for the address to appear?  Or would the transfer just fail, and reverse itself?
You don't need to have a client running to receive bitcoins.
Once you create an address, any coins sent to it will just sit there waiting for you to spend them.
Any transfer to a 'valid' address should be successful. It is VERY rare for a transaction to be reversed.
There are other threads that explain this in more detail.This is not really an Anonymity issue.
Actually, when you send coins to an address you can view the coins as sitting there waiting for the address "holder" to spend them even if the address doesn't exist. If that address is created in future then they can spend the coins.
If you send coins to an address for which the private key has been lost then the coins can be imagined to be in limbo waiting for either the private key to be recovered or for a new key with the same address to be generated.
(Not sure about the "new key with same address" bit. May depend on the details of the transaction).

ByteCoin

legendary
Activity: 1540
Merit: 1002
August 16, 2010, 10:04:02 AM
#36
You don't need to have a client running to receive bitcoins.
Once you create an address, any coins sent to it will just sit there waiting for you to spend them.

So, in theory, I could parse all the blocks, extract all the addresses and then make a tree of txins and txouts. With a little (a lot of?) effort, I could then try and split the txins from a txout into payment / change, effectively knowing which addresses belong to a single user. For those users that have a public address, this would be an unexpected disclosure.

I know the 'splitting the payment / change' is somewhat of a flawed argument, there is no way of being 100% sure all the time, but some rules might apply more often than not:
- Is there a txin for change = 0? This one is obviously from the sender
- On transactions of high value, chances are the highest part is the change (the 8999 lost coins thread being one such example)
- Future transactions from the change address will always carry the exact change amount + new txins, whereas the transfer receipient may very well already have a balance on the provided address.

I'm sure that all the statistical inclined fellow bitcoiners, being presented with a large enough annotated sample of the transactions to date could come up with a hihg accuracy model.
sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 16, 2010, 09:03:34 AM
#35
But it's possible to construct valid non existing addresses if you know what you are doing. But you won't do this accidentally.
Why would one do that?
I can't think of a reason why you'd want to. I was just trying to illustrate that you didn't actually need to generate a private key to create an apparently valid Bitcoin address.

Quote
Related question.  Suppose one created an address, and then took the host client down.  And suppose someone then sent bitcoin to that address.  Would that bitcoin exist indefinitely in limbo, waiting for the address to appear?  Or would the transfer just fail, and reverse itself?
You don't need to have a client running to receive bitcoins.
Once you create an address, any coins sent to it will just sit there waiting for you to spend them.
Any transfer to a 'valid' address should be successful. It is VERY rare for a transaction to be reversed.
There are other threads that explain this in more detail.This is not really an Anonymity issue.
Pages:
Jump to: