Author

Topic: Any easy way to have armory run over tor? (Read 941 times)

legendary
Activity: 3766
Merit: 1364
Armory Developer
October 10, 2016, 08:17:48 AM
#9
Is Tor Armory connection used strictly to relay new transactions? Or does it reroute the entire bitcoind traffic?

In the ATI era, Armory would probe google.com to test for connectivity, as well as run some phone home code. A tor switch was introduced to disable that traffic.

Since 0.94, there is no more phone home code in Armory. By default, it only tries to connect to a Bitcoin node over a local socket. The tor encapsulation/proxying needs only happen at the node layer in this scenario.

Careful of hotlinks within Armory though, these will spawn your default browser which will connect over the open WAN if not setup to run through Tor.
staff
Activity: 3458
Merit: 6793
Just writing some code
October 10, 2016, 07:14:14 AM
#8
Is Tor Armory connection used strictly to relay new transactions? Or does it reroute the entire bitcoind traffic?
Armory doesn't actually do anything with Tor since it is a local connection to a local bitcoind. The bitcoind is what actually uses Tor. The bitcoind will use Tor for all of its traffic.
full member
Activity: 147
Merit: 100
Do you like fire? I'm full of it.
October 10, 2016, 03:53:25 AM
#7
Is Tor Armory connection used strictly to relay new transactions? Or does it reroute the entire bitcoind traffic?
legendary
Activity: 3766
Merit: 1364
Armory Developer
September 08, 2016, 02:42:42 AM
#6
Why Tails or Whonix? Running Bitcoin Core (which is needed for Armory) in either Tails or Whonix is a pain in the ass - the blockchain is simply too big.

I'd say the best option is to run a standalone Bitcoin Core (not managed by Armory) over Tor - you just need the Tor Browser Bundle to do that.

In Bitcoin Core: go to Preferences/Network and check "connect through SOCKS5 Proxy". Proxy IP: 127.0.0.1, Port: 9150 - and then have Tor Browser Bundle open together with Bitcoin Core.

After the above, in Armory just check check "enable settings for proxies/Tor" in Privacy Settings.


The issue with connecting to a anon/private network through a proxy is that any traffic that doesn't go through the proxy can reveal you. As long you use something like the Tor bundle on top of a regular system, that remains a possibility. The main offenders in these setups are DNS lookups: regular traffic will go through the proxy, but your machine will be sending domains in plain text to your ISP for resolution.

It is fairly hard to sanitize an application/system to avoid this kind of (otherwise) routine and harmless side channel traffic. With an OS like Tails or Whonix, that problem goes out the way.

The other point is your OS spying on you. That's a given for Windows so let's not touch on this topic here. For Unix flavors, while the purpose isn't actually spying, there is a wealth of phone home code that will ignore the Tor proxy.

From my perspective it's easier to keep Bitcoin and its blockchain data in an encrypted removable disk for using on Tails than to try and sanitize my regular Debian install. Also, AFAIK Tails is the live Tor OS whereas Whonix is the perma install one. It would be an even easier setup with Whonix.
newbie
Activity: 51
Merit: 0
September 07, 2016, 11:34:10 PM
#5
Why Tails or Whonix? Running Bitcoin Core (which is needed for Armory) in either Tails or Whonix is a pain in the ass - the blockchain is simply too big.

I'd say the best option is to run a standalone Bitcoin Core (not managed by Armory) over Tor - you just need the Tor Browser Bundle to do that.

In Bitcoin Core: go to Preferences/Network and check "connect through SOCKS5 Proxy". Proxy IP: 127.0.0.1, Port: 9150 - and then have Tor Browser Bundle open together with Bitcoin Core.

After the above, in Armory just check check "enable settings for proxies/Tor" in Privacy Settings.


This is what I was after - thank you.
legendary
Activity: 1148
Merit: 1018
September 07, 2016, 11:02:54 AM
#4
Why Tails or Whonix? Running Bitcoin Core (which is needed for Armory) in either Tails or Whonix is a pain in the ass - the blockchain is simply too big.

I'd say the best option is to run a standalone Bitcoin Core (not managed by Armory) over Tor - you just need the Tor Browser Bundle to do that.

In Bitcoin Core: go to Preferences/Network and check "connect through SOCKS5 Proxy". Proxy IP: 127.0.0.1, Port: 9150 - and then have Tor Browser Bundle open together with Bitcoin Core.

After the above, in Armory just check check "enable settings for proxies/Tor" in Privacy Settings.
member
Activity: 88
Merit: 76
August 28, 2016, 05:35:25 AM
#3
Tails

Whonix should work fine too.  (At least, I did so a couple years ago without trouble.)  Whether Tails or Whonix is better depends on use case, threat model, and personal preference.
legendary
Activity: 3766
Merit: 1364
Armory Developer
August 25, 2016, 11:17:24 PM
#2
Tails
newbie
Activity: 51
Merit: 0
August 25, 2016, 11:06:59 PM
#1
I can't figure this out for the life of me.
Jump to: