Electrum privacy questions | Bitcointalksearch.org

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: DireWolfM14 on May 09, 2021, 02:14:59 PM

Quote from: ABCbits on May 09, 2021, 04:49:07 AM

For reference, there's more proper way to add Tor service on Windows.
~

There's nothing improper about using Task Scheduler. For many a GUI interface is user-friendly and unintimidating, and the service can be managed just as easily.

Actually, i didn't know Task Scheduler have option to add argument and that's why i think it was improper because you can't configure the Tor service easily.
If Task Scheduler allow argument, using Task Scheduler is fine for most user.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: AB de Royse777 on May 08, 2021, 07:32:00 AM

Quote from: ?? on ??

Yes, it's because Electrum send your addresses to Electrum server to get transaction which related with your addresses.

I don't like it.

I don't like it either, but Electrum only employ basic privacy feature (fully encrypted wallet by default, change addresses and randomize output position).

Quote from: DireWolfM14 on May 08, 2021, 11:29:16 AM

Quote from: AB de Royse777 on May 08, 2021, 07:32:00 AM

I use TOR connection and find it easy to set up, but the only drawback is that I need to run TOR browser all the time when my Electrum is running. I remember a year ago when I was using Wasabi, I did not require to run the TOR browser to enable tor connection with them.

You can setup Windows to start Tor as a background service at login.: Start Menu > Windows Administrative Tools > Task Scheduler

Create a task with your preferences, on the "Action" tab set it to run a program; C:\Path\To\Tor\Browser\Browser\TorBrowser\Tor\tor.exe

For reference, there's more proper way to add Tor service on Windows. Check this guide, How to install Tor and create Tor hidden service on Windows.
Afterwards, you can use "Services" or "Windows Task Manager" to manage the Tor service easily.

DireWolfM14

copper member

Activity: 2184

Merit: 4238

Join the world-leading crypto sportsbook NOW!

Quote from: ABCbits on May 10, 2021, 04:48:43 AM

If Task Scheduler allow argument, using Task Scheduler is fine for most user.

Yes, command line arguments and options can be included in the "Actions" tab of the scheduled task, in the same line as the program path, just like you would enter it in PowerShell. If you have a specific location for a custom torrc file you want to use for the service, you can include the appropriate argument and the custom path as well. Tor.exe will look for the torrc file in the default location within the included subdirectory tree, so you can add configuration arguments there as well.

I don't recall if the service will be visible in the "Processes" tab or the "Services" tab of Task Manager, but it can be found and managed in one (or maybe both) of those tabs.

DireWolfM14

copper member

Activity: 2184

Merit: 4238

Join the world-leading crypto sportsbook NOW!

Quote from: ABCbits on May 09, 2021, 04:49:07 AM

For reference, there's more proper way to add Tor service on Windows.
~

There's nothing improper about using Task Scheduler. For many a GUI interface is user-friendly and unintimidating, and the service can be managed just as easily.

Nonetheless, I do prefer to install Tor service similar to the description given in the link you provided. Here're the official instructions from Tor Project's documentation about installing Tor as a "NT service:"
https://2019.www.torproject.org/docs/faq#NTService

And here's the official list of command line arguments:
https://2019.www.torproject.org/docs/tor-manual-dev.html.en

DireWolfM14

copper member

Activity: 2184

Merit: 4238

Join the world-leading crypto sportsbook NOW!

Quote from: AB de Royse777 on May 08, 2021, 07:32:00 AM

I use TOR connection and find it easy to set up, but the only drawback is that I need to run TOR browser all the time when my Electrum is running. I remember a year ago when I was using Wasabi, I did not require to run the TOR browser to enable tor connection with them.

You can setup Windows to start Tor as a background service at login.: Start Menu > Windows Administrative Tools > Task Scheduler

Create a task with your preferences, on the "Action" tab set it to run a program; C:\Path\To\Tor\Browser\Browser\TorBrowser\Tor\tor.exe

Quote from: ranochigo on May 08, 2021, 08:48:59 AM

If you want privacy or anything like it, don't use Electrum. There is nothing that preserves or attempts to preserve your privacy to any significant extent included in Electrum.

Unfortunately this is true. The only way around this at the moment is to run your own server.

ranochigo

legendary

Activity: 2954

Merit: 4158

Quote from: dkbit98 on May 08, 2021, 05:18:34 AM

You can also use Tor and .onion servers with your Electrum wallet to improve your privacy, and I think electrum should think of adding some easy switch option for this just like Wasabi and Trezor Suite have.

If you want to have any privacy, Electrum is not the wallet to use. The nature of Electrum will leak privacy and Tor only obfuscates the IPs but will still result in the addresses still being linked to each other. The Tor feature would probably be better to circumvent any internet restrictions instead of privacy.

Quote from: BlackHatCoiner on May 08, 2021, 05:32:37 AM

Speaking of privacy and Wasabi, can you CoinJoin transactions on electrum? As for tor, I've tried connecting to some nodes, but failed. I guess I'll create a different thread for that.

You need a coordinator, which is what Wasabi has.

If you want privacy or anything like it, don't use Electrum. There is nothing that preserves or attempts to preserve your privacy to any significant extent included in Electrum.

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Visit: r7promotions.com

Quote from: dkbit98 on May 08, 2021, 05:18:34 AM

You can also use Tor and .onion servers with your Electrum wallet to improve your privacy, and I think electrum should think of adding some easy switch option for this just like Wasabi and Trezor Suite have.

I use TOR connection and find it easy to set up, but the only drawback is that I need to run TOR browser all the time when my Electrum is running. I remember a year ago when I was using Wasabi, I did not require to run the TOR browser to enable tor connection with them.

Quote from: ?? on ??

Yes, it's because Electrum send your addresses to Electrum server to get transaction which related with your addresses.

I don't like it.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: BlackHatCoiner on May 08, 2021, 05:32:37 AM

Quote from: NeuroticFish on May 08, 2021, 05:16:18 AM

Since Electrum relies on 3rd party servers, you don't know what is in the code ran on the server (remember when they added the links to the phishing Electrum?). It clearly has all it needs to spy on you if the server owner want to.

I guess they've fixed backdoors of the software since then. Yes, I've read about that incident, much worse than just ruining your privacy.

Yes, they've fixed the part where the server can send anything as alert.
But that's "ancient history" now. My point was that in the same way, any code can run there as long as it meets the requirements to identify itself as Electrum server. And if somebody wants to add privately some "chain analysis" code on top of the official Electrum server code, it can be done and you'll never know.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: ?? on ??

By the port the electrum server use. Port 50002 is used for secure connection, while port 50001 is used for insecure connection.

Is this written on electrum's source code? A port number doesn't prove anything unless there's a script (on your compiled version of electrum) that differentiate connections based on the port number.

Quote from: ?? on ??

True, but it require you to run a Bitcoin node, which download or/and store 350 GB+ blockchain.

Why does it require to run a node? Once you broadcast a transaction to the network from your Bitcoin client, you essentially send only the transaction along with its signature. You don't provide any evidence that you've downloaded the entire chain. I was having a similar discussion with Coding Enthusiast on SharpPusher and he responded that instead of using a block explorer's API, you could broadcast the transaction on Bitcoin nodes. I don't think that he's implemented it, but it is possible: Denovo feature: broadcast transactions #1.

Quote from: NeuroticFish on May 08, 2021, 05:16:18 AM

Since Electrum relies on 3rd party servers, you don't know what is in the code ran on the server (remember when they added the links to the phishing Electrum?). It clearly has all it needs to spy on you if the server owner want to.

I guess they've fixed backdoors of the software since then. Yes, I've read about that incident, much worse than just ruining your privacy.

Quote from: dkbit98 on May 08, 2021, 05:18:34 AM

You can also use Tor and .onion servers with your Electrum wallet to improve your privacy, and I think electrum should think of adding some easy switch option for this just like Wasabi and Trezor Suite have.

Speaking of privacy and Wasabi, can you CoinJoin transactions on electrum? As for tor, I've tried connecting to some nodes, but failed. I guess I'll create a different thread for that.

dkbit98

legendary

Activity: 2212

Merit: 7064

Cashback 15%

You can also use Tor and .onion servers with your Electrum wallet to improve your privacy, and I think electrum should think of adding some easy switch option for this just like Wasabi and Trezor Suite have.

Quote from: ?? on ??

True, but it require you to run a Bitcoin node, which download or/and store 350 GB+ blockchain.

I think you can use pruned node that would reduce size multiple times, and everything else would work almost the same like with full node.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: BlackHatCoiner on May 08, 2021, 04:22:52 AM

I was wondering if there's a script inside the source code that reveals to the electrum nodes that you're the owner of these addresses. If you are and decide to broadcast a transaction through an electrum node, you surely ruin your privacy, at least to that specific node. But if you don't broadcast anything, can they (or it if you're running with --one-server) see that you're the owner of these addresses or you query the balances same like on a watch-only wallet?

Additional questions:

How do you know if a node uses SSL? I guess that if it does, it's better for your privacy since your ISP can't see that you're transferring a signed transaction.
Wouldn't it be better if you broadcasted to a Bitcoin node directly? Just like when you run Bitcoin Core. The Bitcoin node can't know for sure if that's your transaction or if you're sharing transaction(s) from your mempool peer-to-peerly.

Since Electrum relies on 3rd party servers, you don't know what is in the code ran on the server (remember when they added the links to the phishing Electrum?). It clearly has all it needs to spy on you if the server owner want to.
So most probably the code doesn't have anything for spying, but it can be added. Or the info from logs may also give quite some info.

And yes, best would be to broadcast to your own server on top of your Bitcoin node, although then you may no longer actually need Electrum and just use Bitcoin core.

AB de Royse777

legendary

Activity: 2464

Merit: 3878

Visit: r7promotions.com

Quote from: BlackHatCoiner on May 08, 2021, 04:22:52 AM

But if you don't broadcast anything, can they (or it if you're running with --one-server) see that you're the owner of these addresses or you query the balances same like on a watch-only wallet?

I am interested in this.
Somewhere I read that once you load a wallet the nodes know your addresses or something. Watching the topic.

Quote from: ?? on ??

Server owner who log the request can make assumption the list of the address is owned by same person. But there's definite way to know the truth.

Even when I am not broadcasting a transaction but just loading my wallet in my online device?

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

I was wondering if there's a script inside the source code that reveals to the electrum nodes that you're the owner of these addresses. If you are and decide to broadcast a transaction through an electrum node, you surely ruin your privacy, at least to that specific node. But if you don't broadcast anything, can they (or it if you're running with --one-server) see that you're the owner of these addresses or you query the balances same like on a watch-only wallet?

Additional questions:

How do you know if a node uses SSL? I guess that if it does, it's better for your privacy since your ISP can't see that you're transferring a signed transaction.
Wouldn't it be better if you broadcasted to a Bitcoin node directly? Just like when you run Bitcoin Core. The Bitcoin node can't know for sure if that's your transaction or if you're sharing transaction(s) from your mempool peer-to-peerly.

Topic: Electrum privacy questions (Read 209 times)