Topic: Are you running Bitcoin Core through Tor? Should it be a requirement? - page 2. (Read 822 times)

As I have already mentioned, I"m aware of all techniques that can be used to obfuscate TOR traffic.

But, as the old saying goes "caution is the parent of safety".

https://www.wired.co.uk/article/nsa-targeting-tor-users
https://www.digitaltrends.com/computing/nsa-labels-linux-tails-users-extremists/

 A while back Snowden has denounced the NSA power to track TOR traffic.

Go to NSA official page  and enter TOR into the search field. Even in open docs you  may find many teaser stuff.  




Many - YES. All - NO.

---

I'm aware why you all  are so persistent in convincing me about TOR. The more users use it the harder work for surveillance agencies.

But,    count me out,    count me out,    count me out!   

These people are those who will be more interested in hiding their identity and ip address while running a node.
Is it possible you misunderstood my post you replied to?

- Jay -

Basically, if you have money, you have freedom. Money really buys freedom. By the way, you have to do your own research when you decide to change country for the reasons what was written above, I am not going to suggest anything to anyone, I already wrote more than enough for some.

By the way, moving in another country can be hard for some, that's absolutely individual. After spending one-two months in foreign country, I feel like I'm at home, I adapt to things and culture very easily and everyday life of particular city very easily. But I agree with you, I have known people who were about to cry after living for one month in another country.

1. Not everyone live on country where it's government respect people's freedom.
2. Moving to another country is harder than it sounds.


Unless they're high profile person or they live in authoritarian country.

None taken! Thanks for the references.
The paper is actually quite outdated and is only applicable in very specific scenarios:
1) For some reason, every single hidden service peer gets attacked and is unable to establish any connection to the target node. That is very, very resource intensive considering the fact that the number of nodes running on Tor outnumbers the ones on the clearnet.
2) The user uses an outdated version of Bitcoin Core, which is roughly around 7 years ago by my estimates. We have improved a lot to counter topological analysis since then and they work pretty well.
3) Section 3 basically talks about a sybil attack, which fails to deanonymize a user with sufficient accuracy if any of the peers other than those controlled by the attacker is connected to the target.
This is independent of the usage of Bitcoin Core. It has to do with the user's privacy habits which essentially means that you have to tell everyone that you're the owner of this specific address in your hidden service. Definitely not something that anyone with privacy in mind would do.
This doesn't demonstrate anything that is related to Bitcoin Core and Tor.
Portscanners would only work if your Bitcoin Core accepts incoming connections, and it also practically doesn't serve any use or deanonymize the user.

This doesn't really do anything.

As mentioned above, Tor bridges can be used as well.

Haven't seen this for a while but generally whatever is said there can be easily debunk with a little research. Tons of affiliate links to VPNs on the site as well, go figure .

https://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document

VPN connections are fairly recognizable as well, even with daisy-chaining. Arguably, VPNs are even easily identified and flagged with DPI, GFW has done this on numerous occasions.

If they can, then I believe VPN wouldn't be the best option either.

That's the whole point behind pluggable transports. They mask your Tor traffic as something else which prevents your ISP or government from identifying it as Tor traffic. As I mentioned above, obfs4 makes your data look totally random, while meek makes it look like you are browsing a clearnet website. Given that these work in many different jurisdictions to bypass many different types and methods of censorship, we know that they work.

I run my bitcoin core node through Starlink, but there was no selection field in the survey 

TOR users are more interested in hiding their identity and masking their ip addresses than the fact that they are using TOR.

If the poll is already flawed you cannot imply calculate for errors and assume that is a reasonable estimate.

- Jay -

Yeah, it is designed to be censorship resistant, but its packets have some recognizable  patterns that allow to mark the relevant network traffic as to be originated from TOR app.


My fault, I didn't check the math on article text.

Given the exceedingly slow number of users who have participated  in the poll  I would consider ~50% to be reasonable estimate.

I am not sure if it is a typo but the calculations taken to arrive at 82% looks flawed from the article text:
Those figures should give a total within the region of 55% and not 82%.

---

You can also not take a pool of 20 users who we cannot guarantee actually run a node to be any accurate.

- Jay -

Who blacklists Tor? It is by design censorship resistant. I'm rather getting my local IP address censored, because as a citizen I'm forbidden to access certain websites in my country.

What's the point of that? The VPN provider will be able to de-anonymize your Tor activity, and can blacklist / censor / scrutinize you further, which is your concern as you're saying.

I talk about Western countries in this case. We have that freedom, if you move your ass, you can protect your identity online. Western countries can block VPNs but they don't do it, they leave some room for those who want freedom and I think that's a clever strategy.
By the way, your country blacklists people because of Tor usage but you are a digital nomad, you can change things. You can move in countries like Armenia, Moldova, Georgia and you'll have a huge digital freedom. It's another task whether you'll enjoy life there.
Overall, in life, if you want to get something, you have to give something.

Poll results shows that ~ 2/3 of bitcointalk users use clearnet to run their nodes, the rest utilize darknet. At the same time,  statistics gathered  by  Bitnodes  API reveals opposite result - 82% of nodes route their traffic via TOR".

Any thought on this obvious  discrepancy?

P.S. My explanation is that most of  darknet nodes are running by agencies/institutions who are nor bother yourself to be present on bitcointalk.

As I have already repeatedly said my main concern with TOR is not-zero-probability to be blacklisted and further scrutinized rather than to be  personally identified. 

And yeah, they can set malicious VPN service that is why user must carefully select the one he could trust. The preliminary research is the best thing he can do before paying for VPN.

Tor via VPN, yeah, it might be solution, but I'm not sure if they have power to strip off VPN packets (even XORed) that enveloped the relevant TOR ones and thus blacklist me.

While very interesting to read, this paper is about deanonymizing the users of hidden services. It's not about deanonymizing Bitcoin Core users. They associated Bitcoin addresses with online identities on Twitter and Bitcointalk. Some of them could be linked to real identities. That's not because they used Bitcoin Core through Tor, it's because they posted addresses in public places. Using a VPN instead of Tor doesn't change that.


They didn't compromise Bitcoin Core through Tor. If someone posts his Bitcoin address here and makes a payment to an address posted on a hidden website, it's not that difficult to put one and one together. It's also not that difficult to avoid.


--Knight Hider

Lots of people use VPN for gaming, streaming and for unblocking limited apps and content on smartphones, smartTVs, etc. I think it doesn't worth to blacklist all of them because I guess majority of internet users have used VPNs at least once in their life while 90% of them probably have never even downloaded Tor.

I'm just saying that to my mind, there is a high chance that they aren't blacklisting VPN users. I wouldn't worry about this fact if you work remotely for a company and can travel in eastern Europe. Things are rarely regulated in Eastern European countries, people, police and even higher ones are rarely educated about this staff. Things aren't as controlled as in the West.
Every IT worker who appreciates privacy, should aim to become a digital nomad.

And if they are doing this for Tor, what makes you think they aren't doing the same thing for VPNs? If you think they can pick up on Tor pluggable transports such as obfs4 and meek, then they can definitely pick up on VPN traffic. It's also far easier for the government to set up a malicious VPN service or to subpoena existing VPN services to hand over data than it is for them to do the same thing Tor nodes.

If you really wanted, then you can always connect to Tor via your VPN.

Bitcoin as a decentralized network, for the people, by the people should provide as many options as possible to make it easy for all types to use.  So, no it should not force TOR onto it's users.  Some folks will require more privacy than others, such as those who live where bitcoin is banned, but others who don't need the IP privacy should be able to use faster, less congestive, more accessible networks.  As mocacinno said, there're other ways to maintain privacy, since no one can determine if a node originated the transaction or merely broadcast it.  Especially if a node has both, clearnet and TOR enabled.

The sad truth is that most people who were born after 1985 have no clue what privacy really looks like, and couldn't care less about it.  They're used to living in world with cameras everywhere, including one in every pocket of every human they encounter.  Geezers such as myself are still distrustful and skeptical of the Surveillance States that have taken over the majority of our national governments.  But that doesn't mean I won't troll them.  So, unlike o_e_l_e_o I have one node server running both clearnet and TOR, but I never transmit any transactions over that node.  

I run two other nodes purely over TOR; one is my desktop hot wallet, and another server for SPV services.  So, whether I use Electrum, or just transact through my Bitcoin wallet, I know that my transactions are likely to be routed through TOR.  I say "likely" because there is a chink in my armor; all three are configured with addnode to connect to each other using my local LAN IPs, so in reality I don't know which of the three is going to broadcast my transactions to the rest of the network.  But that's a decision I made fully conscious of the risks, and it's something I can change in about 30 seconds.

So, why do I want to troll my government?  They deserve it, and should be put on notice!  The Federal Reserve is a leading cause of corruption within our economic structure (banks are too big to fail? WTF) and facilitates the federal government's overreach of power.  Not to mention it's unconstitutional.  

So yeah, bitches!  I'm using bitcoin every chance I get.

/\
II
Well, don't take offence, just  read:

1)Bitcoin over Tor isn’t a good idea
2) Deanonymizing Tor hidden service users through Bitcoin transactions analysis.
3)Bitcoin network-based anonymity and privacy model for metaverse implementation in Industry 5.0 using linear Diophantine fuzzy sets

and research:

 1)a simple (and rather ad-hoc) port scanner for Tor hidden services
2) Bitcoin Network Probing Tool

I think it's enough for the start.

However, it seems to me that you have missed the main reason why I against TOR for my node - I don't want to be blacklisted.



It is a wrong assumption that you can escape the  fate  of those TOR users who are already in that list.

https://restoreprivacy.com/tor/

Hmm sure, doesn't seem like a productive discussion. In fact, it would be quite counter intuitive to what a forum discussion is but do as you please.