Pages:
Author

Topic: Confusing SPV server spies? (Read 392 times)

hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
January 26, 2022, 10:46:35 AM
#39
IMO, it would be superior to run a node at home, or even on a VPS, and connect to it via a light client. You could only allow your devices to connect a light node to reduce resource demand.

The above would reduce battery use on your mobile device, and you wouldn’t be subjected to having to use a lot of data. Mobile internet connections are also typically less private, and connecting to a home computer would hide the fact that you are using bitcoin, compared to it being public to anyone watching your internet connection.

I think most people are not sufficiently concerned about privacy to even bother doing the above and will just use a light client.
True. My recommended method is running full node + electrs through Tor which is automatically accessible from anywhere. No need to setup tunneling manually or any sorts of open ports.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
January 25, 2022, 08:37:30 PM
#38
IMO, it would be superior to run a node at home, or even on a VPS, and connect to it via a light client. You could only allow your devices to connect a light node to reduce resource demand.

The above would reduce battery use on your mobile device, and you wouldn’t be subjected to having to use a lot of data. Mobile internet connections are also typically less private, and connecting to a home computer would hide the fact that you are using bitcoin, compared to it being public to anyone watching your internet connection.

I think most people are not sufficiently concerned about privacy to even bother doing the above and will just use a light client.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
January 25, 2022, 11:35:24 AM
#37
I have a suggestion that I think is rarely considered: running a pruned full node on devices that don't have the disk space for the whole blockchain. Maybe it doesn't help the network, but for you it won't really be any worse than non-pruned. And you could install it on a laptop, tablet and even a phone.

A while back I thought about implementing an iOS or Android 'pruned full node' application that can be scheduled for 'sync times' like overnight, and after a few days you will have the latest UTXO set. I'm not confident I have the time for such a big side project at the moment, though. And you gotta maintain these things.... Grin
The issue is not only a storage issue, it is the whole downloading a lot of data and verifying it which takes a lot of time, computing power and consumes a lot of your internet traffic (most plans have a cap). On a phone it would eat your battery too.
Even after fully synchronizing with the network you still have to continue syncing and relaying transactions (have a mempool).
This can just always happen at night or when charging & not using the phone + if WiFi is available.
Phones already do this for backups. They wait for a time when the user is not using the device, it is charging AND on WiFi. Then it uploads hundreds of GB into their cloud storage. Not that I'd recommend it, but it seems feasible and is done in practice already.

I have a suggestion that I think is rarely considered: running a pruned full node on devices that don't have the disk space for the whole blockchain. Maybe it doesn't help the network, but for you it won't really be any worse than non-pruned. And you could install it on a laptop, tablet and even a phone.

A while back I thought about implementing an iOS or Android 'pruned full node' application that can be scheduled for 'sync times' like overnight, and after a few days you will have the latest UTXO set. I'm not confident I have the time for such a big side project at the moment, though. And you gotta maintain these things.... Grin
I don't think a pruned mobile device that is not connected to the network ~all the time is a very good idea. The times in which the cost of data (both in terms of battery consumption and in terms of cost/unit of data) is the highest (eg, when someone is away from home) is also the time when someone with a mobile device is going to need an up to date version of the (pruned) blockchain. So someone might be able to have a fairly recent version of the blockchain as of every morning, however, they will need to download and process the last several blocks whenever they are going to be receiving a transaction.
Yes, I envision you will have to download the day's new blocks. It's not for everyone for sure.

It really only makes sense if you have e.g. uncapped data or WiFi on the go (office, coffee shop, most places have WiFi) and somehow don't want to run a node at home and tunnel through Tor.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
January 25, 2022, 01:13:28 AM
#36
I have a suggestion that I think is rarely considered: running a pruned full node on devices that don't have the disk space for the whole blockchain. Maybe it doesn't help the network, but for you it won't really be any worse than non-pruned. And you could install it on a laptop, tablet and even a phone.

A while back I thought about implementing an iOS or Android 'pruned full node' application that can be scheduled for 'sync times' like overnight, and after a few days you will have the latest UTXO set. I'm not confident I have the time for such a big side project at the moment, though. And you gotta maintain these things.... Grin
I don't think a pruned mobile device that is not connected to the network ~all the time is a very good idea. The times in which the cost of data (both in terms of battery consumption and in terms of cost/unit of data) is the highest (eg, when someone is away from home) is also the time when someone with a mobile device is going to need an up to date version of the (pruned) blockchain. So someone might be able to have a fairly recent version of the blockchain as of every morning, however, they will need to download and process the last several blocks whenever they are going to be receiving a transaction.
legendary
Activity: 3472
Merit: 10611
January 24, 2022, 11:27:01 PM
#35
I have a suggestion that I think is rarely considered: running a pruned full node on devices that don't have the disk space for the whole blockchain. Maybe it doesn't help the network, but for you it won't really be any worse than non-pruned. And you could install it on a laptop, tablet and even a phone.

A while back I thought about implementing an iOS or Android 'pruned full node' application that can be scheduled for 'sync times' like overnight, and after a few days you will have the latest UTXO set. I'm not confident I have the time for such a big side project at the moment, though. And you gotta maintain these things.... Grin
The issue is not only a storage issue, it is the whole downloading a lot of data and verifying it which takes a lot of time, computing power and consumes a lot of your internet traffic (most plans have a cap). On a phone it would eat your battery too.
Even after fully synchronizing with the network you still have to continue syncing and relaying transactions (have a mempool).
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
January 24, 2022, 09:31:55 PM
#34
I have a suggestion that I think is rarely considered: running a pruned full node on devices that don't have the disk space for the whole blockchain. Maybe it doesn't help the network, but for you it won't really be any worse than non-pruned. And you could install it on a laptop, tablet and even a phone.

A while back I thought about implementing an iOS or Android 'pruned full node' application that can be scheduled for 'sync times' like overnight, and after a few days you will have the latest UTXO set. I'm not confident I have the time for such a big side project at the moment, though. And you gotta maintain these things.... Grin
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
December 29, 2021, 11:40:32 PM
#33
Data from your browser fingerprint may not seem that much, but it's quite valuable on hands of group/government who perform all kinds of data collection to perform data de-anonymization.
Perfectly valid concern.

I would argue that Tor or any browsers of that sort does enough to obfuscate the data such that an adversary wouldn't really be able to correlate the data on a large scale. If that is indeed a threat, then using those SPV wallets which leaks privacy wouldn't be suitable and there are far better things to worry about so this wouldn't really come up as an issue.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
December 29, 2021, 09:33:45 AM
#32
* maybe querying different addresses from different servers (where possible the same address from the same server always)
* maybe querying random useless addresses too
* broadcasting through actual bitcoin peers
We need more contributors to Electrum project to implement these things because these 3 alone require a total rewrite of parts of the communication protocol used by Electrum clients. You would also have to add DNS digging, peer finding and the handshake process of full nodes for the last item.
I would have done it if I knew python...

One big problem I see is that Electrum can work well as it is, hence this kind of changes may never be seen as important/high priority.
And the fact they require a lot of rewriting/work makes it even worse. Still, one can hope..

Until then local node is one solution at hand.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
December 29, 2021, 05:18:45 AM
#31
Then run your own node. No one knows which addresses you are looking up for balances, since you are looking them up locally.
Of this I'm agreed. You absolutely need to run your own node to avoid all this mess when it comes to checking the balances of your addresses.

All these sites are doing is broadcasting the transaction via their own node. If you are going to use someone else's node, then you are always going to have to go through them (or some other third party) to do it. If you don't want to do that, then the only remaining option is to run your own node.
I meant that whether you broadcast it through a block chain explorer or directly to the Bitcoin network, it's the same thing privacy-wise[1]. The explorer doesn't know anything just like when your node receives transactions that then re-shares.

I just said that I'm sure you can choose a node and send it directly without any explorers. There was even a project dedicated to broadcasting transactions.

  • [ ] Add ability to push transactions to network directly through nodes not third parties.



[1] If everything done through Tor.
legendary
Activity: 2268
Merit: 18771
December 29, 2021, 05:01:57 AM
#30
By the same reasoning, what if the entire Bitcoin network is consisted of honey pots?
Then run your own node. No one knows which addresses you are looking up for balances, since you are looking them up locally.

Broadcasting through a block chain explorer is a solution, however I'm sure you can send it directly to the network, without this kind of site-intermediary.
All these sites are doing is broadcasting the transaction via their own node. If you are going to use someone else's node, then you are always going to have to go through them (or some other third party) to do it. If you don't want to do that, then the only remaining option is to run your own node.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
December 29, 2021, 04:41:18 AM
#29
But what if some or all of those blockchain explorers are also honeypots
By the same reasoning, what if the entire Bitcoin network is consisted of honey pots? What makes you feel safe and private in that case? You'll use those block chain explorers to just broadcast a transaction anonymously. You don't care what they'll do with it later just like you don't care when your node broadcasts transactions.

Broadcasting through a block chain explorer is a solution, however I'm sure you can send it directly to the network, without this kind of site-intermediary.
legendary
Activity: 3472
Merit: 10611
December 29, 2021, 04:21:51 AM
#28
They are. Broadcasting transactions generally won't leak privacy more than your SPV wallets. Even if they were to collect data, they would only get as much data as your browser leaks, which in the case of privacy conscious ones, it isn't that much. I would recommend using a privacy-centric browser and using a new identity for each session, which in normal circumstances can't provide sufficient data regardless.
If you were to use an online tool to broadcast bitcoin transactions and want to maximize privacy it is best to use their API instead of their webpage because through the API and using a simple app all the privacy leaking methods (cookies, browser exploits, JavaScript exploits, WebRTC exploits, browser fingerprinting,...) will be eliminated all at once simply because that way you know what you are sending them whereas it is very hard to know everything your browser sends them even if you are using a privacy oriented one with privacy related extensions.
legendary
Activity: 2268
Merit: 18771
December 29, 2021, 04:10:11 AM
#27
But what if some or all of those blockchain explorers are also honeypots that collect, store, and share user data with companies and agencies interested in conducting various kinds of analysis?
The point BlackHatCoiner was making that I was responding to is why do we have to broadcast our transactions through the same SPV servers which we use to obtain balance and transaction history for Electrum wallets. Doing what I have suggested here solves that issue. For safety reasons, you should assume that every block explorer is collecting and sharing your data, just as you should assume that every SPV server is collecting and sharing your data.

As ranochigo has said, if you use connect to one of these sites via Tor to broadcast a transaction, then the site in question will only obtain the same information that everyone would be able to obtain when the transaction is broadcast through the network.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
December 29, 2021, 02:57:28 AM
#26
That's one way to approach it if you don't want privacy-infringing Electrum servers to get certain data from you. But what if some or all of those blockchain explorers are also honeypots that collect, store, and share user data with companies and agencies interested in conducting various kinds of analysis? You will be avoiding one problem but creating another one elsewhere...   
They are. Broadcasting transactions generally won't leak privacy more than your SPV wallets. Even if they were to collect data, they would only get as much data as your browser leaks, which in the case of privacy conscious ones, it isn't that much. I would recommend using a privacy-centric browser and using a new identity for each session, which in normal circumstances can't provide sufficient data regardless.
legendary
Activity: 2730
Merit: 7065
December 29, 2021, 02:47:20 AM
#25
In addition to the replies above, if you don't want to broadcast a transaction via Electrum, then once you have signed it you can simply export the raw transaction hex and then use a link such as one of the following to broadcast it instead:
https://mempool.space/tx/push
https://blockchair.com/broadcast
https://blockstream.info/tx/push
https://coinb.in/#broadcast
That's one way to approach it if you don't want privacy-infringing Electrum servers to get certain data from you. But what if some or all of those blockchain explorers are also honeypots that collect, store, and share user data with companies and agencies interested in conducting various kinds of analysis? You will be avoiding one problem but creating another one elsewhere...   
legendary
Activity: 3472
Merit: 10611
December 28, 2021, 11:21:11 PM
#24
* maybe querying different addresses from different servers (where possible the same address from the same server always)
* maybe querying random useless addresses too
* broadcasting through actual bitcoin peers
We need more contributors to Electrum project to implement these things because these 3 alone require a total rewrite of parts of the communication protocol used by Electrum clients. You would also have to add DNS digging, peer finding and the handshake process of full nodes for the last item.
I would have done it if I knew python...
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
December 28, 2021, 02:25:48 PM
#23
I will not come with much of ideas, I'll just draw my conclusion.

While making another tool won't help much, doing changes in Electrum for

* maybe querying different addresses from different servers (where possible the same address from the same server always)
* maybe querying random useless addresses too
* broadcasting through actual bitcoin peers

could get us somewhere.

And then the next step should be to offer more log-free electrum servers to the ecosystem, maybe especially on clear net (because there tend to be most users).
legendary
Activity: 2268
Merit: 18771
December 28, 2021, 05:01:38 AM
#22
Truth be told, there's no way to hide yourself with bitcoin from government's surveillance agencies.
Well, this depends on whom you are being targeted by.

There is a huge difference between being swept up in one of the many different mass surveillance programs being run by many different governments, and being targeted specifically as an individual by an FBI investigation or similar. For the vast majority of people, who are not doing anything illegal, it is the lower level mass surveillance and general unwarranted invasion of privacy that you want to avoid. You can absolutely avoid this through using Tor, running your own node, mixing and coinjoining, being careful with your transactions, etc. These mass surveillance programs do not have the time or resources to investigate every person who makes themselves hard to trace. They are not designed to fight crime, prevent terrorism, catch pedophiles, and so on. They are designed for population control, and covering 99% of the population is sufficient to do that.

If, on the other hand, you are already being targeted specifically, then you probably have much bigger things to worry about than the privacy of your bitcoin transactions.

An analogy might be whether it is Facebook or your government who are trying to track your internet activity. If you don't have a Facebook account, never visit Facebook, block all Facebook trackers and ads, make sure your devices have no Facebook apps or software on them, and so on, then you'll do a very good job of keeping Facebook out of your life. But for a government agency pulling data from your ISP, then this is all irrelevant.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
December 26, 2021, 03:23:32 PM
#21
Not to mention this all assumes you are not making traceable purchases.
Giving emphasis here. Truth be told, there's no way to hide yourself with bitcoin from government's surveillance agencies. Even if you go exclusively through Tor, mix coins, run both bitcoin and lightning node etc. There are always footprints left and even if they can't track you down, they can track the rest 99% who will have handed out KYC, IP addresses, reused addresses etc. Once they will have dismissed the 99% it will be easier to dive into that 1%.

I've said this before and I'll repeat;
when privacy is retained on a protocol level, then the project protects the users' privacy without needing them do it for their good.

Bitcoin doesn't.
legendary
Activity: 2268
Merit: 18771
December 26, 2021, 11:48:17 AM
#20
-snip-
Well yeah, it is important to be aware of all the different ways you can leak information. Running your own node to avoid a malicious SPV server solves that problem, but you can still leak information from transaction heuristics, blockchain analysis,  interacting with centralized services,  completing KYC or handing out shipping addresses, and so on.

Just as running your own node does nothing to protect your privacy from using mixed coins and unmixed coins together as inputs in the same transaction, making untraceable purchases does nothing to protect your privacy from a malicious SPV server.
Pages:
Jump to: