Pages:
Author

Topic: Are you running Bitcoin Core through Tor? Should it be a requirement? (Read 822 times)

legendary
Activity: 1148
Merit: 3117
I wasn't expecting to generate such good discussion, it was great reading the community opinion on this one. I'm also sided with most users opinion on the main theme of the thread - making TOR a requirement to run Bitcoin Core is unimaginable - it would be too much of a risk and would leave the future of the network in the hands of one entity.

As a side note, what I am planning on doing regarding my node, considering the community feedback, is a mix usage - Make the initial synchronization behind a VPN and, when it finishes, I'll use it connected to TOR. That way I won't overload the service with the amount of data that it takes to sync while, at the same time, speeding the process considerable.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
you would know they are only getting one straw from every hay stack.
then, you don't understand how Tor traffic analysis and detection of its users really works,  sorry

The way TOR traffic is routed is largely up to me.  I can use a different circuit for each website I visit, and completely separate circuit for my bitcoin transactions.  Or, I can set up my own node with an Onion address, connect to it from anywhere in the world, and avoid all entry/exit nodes all together.  You seem unaware of how to use TOR and how it works.

Generally speaking Bitcoin over TOR is nonsense  for me.  On one hand we want the fastest mass adoption of this cryptocurrency but on other hand  we afraid  publicity and use TOR which is traditionally  associated with  illicit activities in the eye of Joe and Maggy.

Go read my first post in this thread before making such generalizing comments, please.  I clearly stated that I believe bitcoin should work on any and every network available.  Privacy is a natural right to which we're all entitled.  The levels to which, and methods by which we choose to preserve our privacy should be a personal choice.  I have no issues with people not protecting their privacy at all, that's up to them.

If you are okay with a centralized VPN provider, and don't care about the government's ability to subpoena your traffic, that's your choice.  Just don't go claiming that your choices are superior to mine despite you being clearly misinformed on how to use TOR to protect your privacy in ways that a VPN cannot.
legendary
Activity: 2268
Merit: 18748
I wonder why you are so persistent in convincing me to use thing that I don't need? What is your interest here?
I'm not trying to convince you to use anything - I'm pointing out that your VPN is almost certainly not providing the protection you think it is.

And my interest is that everyone deserves privacy from any and all third parties they want privacy from, but a VPN is unlikely to achieve that in isolation.

On one hand we want the fastest mass adoption of this cryptocurrency but on other hand  we afraid  publicity and use TOR which is traditionally  associated with  illicit activities in the eye of Joe and Maggy.
The day I have to give up all my privacy to use bitcoin is the day I sell it all for monero.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
then, you don't understand how Tor traffic analysis and detection of its users really works,  sorry

Read this at least. https://ieeexplore.ieee.org/document/8258487
Do share the findings from the paper. I'm not an academic that is affiliated with IEEE unfortunately. Would be good if you can share the results and the methodology of their findings as well as the false positive rates. Note that we're more concerned about identifying specific users rather than recognizing that people are using it. The latter does absolutely nothing, and if it poses a security risk for you, you actually have better things to worry about  Cheesy.
Hm, misinforming, why me rather than you?

You try to convince me that  TOR is 100% safe while there are plenty of cases showing that is not, just google.

Who  is misinforming then?

-snip-
I'm waiting for your response to the post for which I've highlighted how none of those research demonstrates any viable proof-of-concept which can effectively strip and identify the users. I would appreciate if you could clarify with the research that you've done.
Generally speaking Bitcoin over TOR is nonsense  for me.  On one hand we want the fastest mass adoption of this cryptocurrency but on other hand  we afraid  publicity and use TOR which is traditionally  associated with  illicit activities in the eye of Joe and Maggy.
I guess privacy isn't a concern even after how NSA revealed that they're tracking tons of data. I really don't care about mass adoption of Bitcoin, if we can't even promote methods to enhance our day-to-day privacy.
sr. member
Activity: 1572
Merit: 267

you would know they are only getting one straw from every hay stack.



then, you don't understand how Tor traffic analysis and detection of its users really works,  sorry




 I would burn 80 gallons on a tx till they come and say it's not ok.



Fissile fuels.

[moderator's note: consecutive posts merged]
hero member
Activity: 714
Merit: 1298

you would know they are only getting one straw from every hay stack.



then, you don't understand how Tor traffic analysis and detection of its users really works,  sorry

Read this at least. https://ieeexplore.ieee.org/document/8258487

.to prevent your misunderstanding from misinforming others.

Hm, misinforming, why me rather than you?

You try to convince me that  TOR is 100% safe while there are plenty of cases showing that is not, just google.

Who  is misinforming then?


I'm aware why you all  are so persistent in convincing me about TOR. The more users use it the harder work for surveillance agencies.

But,    count me out,    count me out,    count me out!  




Generally speaking Bitcoin over TOR is nonsense  for me.  On one hand we want the fastest mass adoption of this cryptocurrency but on other hand  we afraid  publicity and use TOR which is traditionally  associated with  illicit activities in the eye of Joe and Maggy.



copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
Symmetrically, you have absolutely no way to verify your entry and exit nodes are  not honeypots that cooperate together.

That's irrelevant.  I can only imagine that governments do indeed have exit nodes for monitoring TOR traffic, but if you understood how TOR works you would know they are only getting one straw from every hay stack.

I wonder why you are so persistent in convincing me to use thing that I don't need? What is your interest here?

I won't presume to speak for o_e_l_e_o, but I'm not trying to convince you of anything, only trying to prevent your misunderstanding from misinforming others.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Some people want to talk with stubborn people, and attempt to reason with them. It reinforces their understanding. Some others don't have the patience. o_e_l_e_o probably belongs to the former.
hero member
Activity: 714
Merit: 1298
.You have absolutely no way to verify your VPN provider is not keeping logs, sharing data with your government, or indeed a honeypot.

Symmetrically, you have absolutely no way to verify your entry and exit nodes are  not government's honeypots that cooperate together.

I wonder why you are so persistent in convincing me to use thing that I don't need? What is your interest here?
legendary
Activity: 2268
Merit: 18748
I can't force myself to believe that you think that packets relevant to personal VPN differ from those ones pertaining to corporate VPN.
A government could easily create a whitelist for certain VPN providers or servers used by corporations and a separate blacklist for VPN providers or servers accessible by individuals.

Wrong assumption from your part, sorry.
Not wrong at all. You have absolutely no way to verify your VPN provider is not keeping logs, sharing data with your government, or indeed a honeypot.
hero member
Activity: 714
Merit: 1298
VPN users are  not subjected to be blacklisted in my  country.  In fact, the company for which I'm employed forces its employees to incorporate VPN usage in their daily routine and safeguard their work space.
Corporate VPN usage and personal VPN usage are two different things, however.
.

I can't force myself to believe that you think that packets relevant to personal VPN differ from those ones pertaining to corporate VPN. Sad

then your VPN is probably not providing the protection you think it is. What is more likely - they are fine with people trivially bypassing their blacklists, or they know they can get whatever information they want from your VPN provider?

Wrong assumption from your part, sorry.

More than that, I can confide I pay tax relevant to BTC  regular as clockwork so I don't afraid government in this respect.

The reason my node operates through a VPN is due to my profound lack of trust in my ISP. I do my best to  keep my involvement with bitcoin concealed from individuals residing in my county.
legendary
Activity: 2268
Merit: 18748
VPN users are  not subjected to be blacklisted in my  country.  In fact, the company for which I'm employed forces its employees to incorporate VPN usage in their daily routine and safeguard their work space.
Corporate VPN usage and personal VPN usage are two different things, however.

I would also suggest that if your government blacklists Tor because they cannot spy on you if you use it, but they are fine with you using a VPN, then your VPN is probably not providing the protection you think it is. What is more likely - they are fine with people trivially bypassing their blacklists, or they know they can get whatever information they want from your VPN provider?
hero member
Activity: 714
Merit: 1298
Many - YES. All - NO.
If your ISP has the technology, capabilities, and resources to monitor your connection and detect (for example) meek obfuscation of Tor traffic, then it will be trivial for them to identify your VPN traffic.

I have to say I don't quite understand your threat model. You seem to want to avoid Tor because you think your government will blacklist you if you use Tor to hide your traffic from them, but you think they will have no problem if you use a VPN to hide your traffic from them instead?

VPN users are  not subjected to be blacklisted in my  country.  In fact, the company for which I'm employed forces its employees to incorporate VPN usage in their daily routine and safeguard their work space.

. I'm sure the government would love for everybody to take satscraper's advice and use VPN instead of TOR, ..  

Please, don't twist satscraper's thoughts.

It is not my advice. I have never advised to not use TOR.

I just took part in the poll and shared my view on TOR with an eye on government's attitude to TOR users in my country.

Everyone is free to have its own move.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
You seem to want to avoid Tor because you think your government will blacklist you if you use Tor to hide your traffic from them, but you think they will have no problem if you use a VPN to hide your traffic from them instead?

If that is satscraper's belief, he might actually have a point (to some extent.)  I'm sure the government would love for everybody to take satscraper's advice and use VPN instead of TOR, because the Feds can subpoena a VPN provider to trace your movements.  They can't subpoena your TOR movements, because there's no central provider for TOR.  They would have to subpoena hundreds, if not thousands of individual TOR relay operators, and even then they're unlikely to find anything concrete.

On the other hand, if you're using TOR and the government knows about it, what can they do about it?  Outlaw the use of TOR?  Will that stop the use of TOR or only make it's use more wide-spread?

Anyway, it's not out of the realm of possibilities for the feds to plant a Ray Epps in Bitcointalk.org to spread misinformation.  
legendary
Activity: 2268
Merit: 18748
Many - YES. All - NO.
If your ISP has the technology, capabilities, and resources to monitor your connection and detect (for example) meek obfuscation of Tor traffic, then it will be trivial for them to identify your VPN traffic.

I have to say I don't quite understand your threat model. You seem to want to avoid Tor because you think your government will blacklist you if you use Tor to hide your traffic from them, but you think they will have no problem if you use a VPN to hide your traffic from them instead?
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
You'd have to go inside your router's control panel to reroute ports to other ones, and not all of them let you do that, so that's basically asking for trouble if you change networking equipment often.
Thank God I'm not alone. Genuinely, my Internet provider couldn't make port forwarding less difficult to setup. Like, I have to call someone in their stores, and have them confirming that I'm indeed the owner of the router, so they can approve the port forward.

I think all LN nodes should be using hidden services, because I don't like the idea of painting a giant target for ISPs who can see whether any of their IP addresses are involved in running Lightning nodes.
I mean, not just ISPs. You're literally letting every surveillance firm knowing how much money you have in lightning, and with whom you've opened channels.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
TOR users are more interested in hiding their identity and masking their ip addresses than the fact that they are using TOR.
By the way, am I the only one who likes the fact that you don't mess with port forwarding when you want incoming connections? There's a reason why most lightning nodes operate via hidden services.

You'd have to go inside your router's control panel to reroute ports to other ones, and not all of them let you do that, so that's basically asking for trouble if you change networking equipment often.

I think all LN nodes should be using hidden services, because I don't like the idea of painting a giant target for ISPs who can see whether any of their IP addresses are involved in running Lightning nodes.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Yeah, it is designed to be censorship resistant, but its packets have some recognizable  patterns that allow to mark the relevant network traffic as to be originated from TOR app.
Knowing that I'm using Tor, versus knowing to whom I connect to is orders of magnitude different. I don't care if my Internet provider knows I'm using Tor. And even if I do, there are bridges as said, which are unlisted and make censorship even more difficult to happen.

TOR users are more interested in hiding their identity and masking their ip addresses than the fact that they are using TOR.
By the way, am I the only one who likes the fact that you don't mess with port forwarding when you want incoming connections? There's a reason why most lightning nodes operate via hidden services.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
As I have already mentioned, I"m aware of all techniques that can be used to obfuscate TOR traffic.

But, as the old saying goes "caution is the parent of safety".

https://www.wired.co.uk/article/nsa-targeting-tor-users
https://www.digitaltrends.com/computing/nsa-labels-linux-tails-users-extremists/

 A while back Snowden has denounced the NSA power to track TOR traffic.

Go to NSA official page  and enter TOR into the search field. Even in open docs you  may find many teaser stuff.  
Relevant material: https://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption.

Their modus operandi involves compromising the target's computer and then identifying vulnerable plugins before attacking them. They are often the weak link of any computer systems and if you're strictly routing Bitcoin Core through it then you should have no concerns with the exposure of your identity and they have a hard time to link your identity beyond reasonable doubt. Generally, Tor has been proven to be a PITA for intelligence agencies. For VPN, they are unfortunately able to capture the logs, and they are unable to prove that they are not doing so. Besides, they are legally obliged to cooperate with law enforcement.

As for the labelling of connections, they don't really mean much and you're equally likely to be targeted by establishing connections to VPNs and made worse by the availability of data provided by the VPN providers. The first amendment basically guarantees that whatever their citizen is doing isn't illegal.

I'm aware why you all  are so persistent in convincing me about TOR. The more users use it the harder work for surveillance agencies.

But,    count me out,    count me out,    count me out!  
I would care less about that, and more about the misinformation that is presented. You're entitled to your own opinions, cheers!
member
Activity: 239
Merit: 59
a young loner on a crusade
1. Not everyone live on country where it's government respect people's freedom.
2. Moving to another country is harder than it sounds.
Basically, if you have money, you have freedom. Money really buys freedom.
Having enough money to buy your freedom legally is out of reach for most people. I believe anonymous money on the other hand can buy (some) freedom at much lower cost.

--Knight Hider
Pages:
Jump to: