bitcoind + vidalia and potenially dangerous connections

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: astana on November 15, 2011, 11:38:41 PM

why on earth would you run your bitcoin wallet on tor, to me that's just asking some to hack you.

Actually almost the opposite is true.

Running an unproxied bitcoin always from the same static IP on the internet is like dropping your trousers in public. (Having an unencrypted wallet connected to such a node would be like bending over with trousers around ankles in public.)

finway

hero member

Activity: 714

Merit: 500

Quote from: astana on November 15, 2011, 11:38:41 PM

why on earth would you run your bitcoin wallet on tor, to me that's just asking some to hack you.

To stay anonymous.

astana

member

Activity: 98

Merit: 10

why on earth would you run your bitcoin wallet on tor, to me that's just asking some to hack you.

theymos

administrator

Activity: 5222

Merit: 13032

Quote from: Red Emerald on November 15, 2011, 02:24:00 PM

But those flags would be safer, correct?

Maybe a little bit.

Red Emerald

hero member

Activity: 742

Merit: 500

Quote from: theymos on November 15, 2011, 03:17:58 AM

The message appears because Bitcoin is talking to IPs directly over SOCKS4. Even if you stop Bitcoin from using DNS with the -nodnsseed and -noirc switches, you'll still get the warning.

But those flags would be safer, correct? I'm fine with warnings if I am sure that the IPs were given as IPs and not as names.

finway

hero member

Activity: 714

Merit: 500

Seems bitcoin client adapts tor not well.

theymos

administrator

Activity: 5222

Merit: 13032

The message appears because Bitcoin is talking to IPs directly over SOCKS4. Even if you stop Bitcoin from using DNS with the -nodnsseed and -noirc switches, you'll still get the warning.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: theymos on November 15, 2011, 01:10:04 AM

Bitcoin does do some DNS stuff for bootstrapping, though that message would appear regardless. You can disable the warning with a torrc option.

Disabling the warning does not stop the DNS leak of bitcoin's that Tor has detected though.

theymos

administrator

Activity: 5222

Merit: 13032

Bitcoin does do some DNS stuff for bootstrapping, though that message would appear regardless. You can disable the warning with a torrc option.

Red Emerald

hero member

Activity: 742

Merit: 500

I found this page, but am still not sure if I even need to change anything. https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#IkeepseeingthesewarningsaboutSOCKSandDNSandinformationleaks.ShouldIworry

I'm pretty sure bitcoin only uses IP addresses anyway, so I'm thinking these warnings are probably mistaken.

Red Emerald

hero member

Activity: 742

Merit: 500

I setup a small xubuntu VM to act as a safe for my wallet. I installed tor, polipo, and vidalia more for fun than anything. I set bitcoind to use the tor proxy and set my browser to use polipo. My browser is able to connect to the tor network fine.

I added the proxy to my bitcoin.conf

Code:

proxy=127.0.0.1:9050

Bitcoin seems to be using the proxy, but when I look at Vidalia's message log, I see lots of

Quote

Potentially Dangerous Connection!
One of your applications established a connection through Tor to "x.x.x.x:8334" using a protocol that might leak information about your destination. Please ensure you configure your applications to use only SOCKS4a or SOCKS5 with remote hostname resolution.

So then I did

Code:

sudo apt-get install torsocks

and then I start the daemon with

Code:

torify bitcoind -daemon

but I get console warnings and I still get the "Potentially Dangerous Connection!" messages

Code:

[user@btc-ubuntu ~]$ torify bitcoind -daemon
16:57:35 libtorsocks(2539): The symbol res_init() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_query() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_search() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_send() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_querydomain() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_init() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_query() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_search() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_send() was not found in any shared library. The error reported was: not found!
16:57:35 libtorsocks(2539): The symbol res_querydomain() was not found in any shared library. The error reported was: not found!

Has anyone done this successfully without warning messages?

Topic: bitcoind + vidalia and potenially dangerous connections (Read 5522 times)