
Topic: How using Tor Browser increases bitcoin theft? (Read 563 times)

newbie
Activity: 78
Merit: 0
September 19, 2019, 06:16:27 AM
#46
I don't think Tor can really help with that. You just have to be more careful.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
  b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

Genuinely curious, what do you think the average person using Tor should set up to avoid getting attacked? Anyway, I agree with you that they're covering their ass, but more from regulatory pressure than anything else.

Malicious exit nodes mounting MITM attacks is a vector I hadn't considered before. I had been thinking of them mainly as surveillance adversaries. I'm not actually sure this is a legitimate concern, though. It seems like attackers could do more effective analysis on regular clearnet usage to mount more effective generalized attacks on a bigger population.

Maybe DaveF could elaborate on how targeted routing analysis would make such attacks more likely. My initial reaction is that users running NoScript and/or disabling JS should be much better protected against MITM attacks than average web users too, so that's another reason why average TOR browser users should be safer.

This has been going on for a long time, but lately it is ever a concern, as most sites switched to https anyway, and the exit node can do nothing about that.
HTTPS Everywhere is rather useless at this point in time, because most sites already are https and there is no need to try to force it anymore. Besides, those few sites that still don't have https won't have it magically only because you have that add-on. Thanks to the EFF for the push tho.

Getting rid of scripts (I like uMatrix more than NoScript) is a solid move. Only whitelist trusted sites and at the same time get rid of the tracking garbage.



Be careful when using Tor. Operators maintain a registry of TOR users. That is, just downloading the browser, you get into the list. Files are sent through several servers to confuse those who want to track traffic. The last server in rare cases may be yours. If you're not lucky, they may be accused of drug trafficking. Most of the Tor traffic comes from the Darknet. Your security and anonymity are at risk on sites without an SSL certificate. It's better to avoid sites on http and only go where there is https.

This is utter nonsense and you have no idea what you are talking about. Get informed before writing stuff first...
full member
Activity: 567
Merit: 148
Tor browser doesn't increase Bitcoin theft. It's either you are using the wrong localbitcoin site or they are trying to stop their users from hiding their IP address.

Be careful when using Tor. Operators maintain a registry of TOR users. That is, just downloading the browser, you get into the list. Files are sent through several servers to confuse those who want to track traffic. The last server in rare cases may be yours. If you're not lucky, they may be accused of drug trafficking. Most of the Tor traffic comes from the Darknet. Your security and anonymity are at risk on sites without an SSL certificate. It's better to avoid sites on http and only go where there is https.
full member
Activity: 776
Merit: 101
PredX - AI-Powered Prediction Market
I think the caveat offered by Tor, historically related to extra-personal spending and other browsers related to FireFox are theoretically equally vulnerable. LOCALBITCOINS raises concerns about privacy tor
legendary
Activity: 3808
Merit: 1723
tor will not increase nor decrease the possibility of bitcoin theft.
technically, I don't see how this can be true, and here is why:

1) Say some user chooses to send traffic traversing through Tor (via SOCKS proxy localhost, then transit its way on port 443 to LBC) via the SSL engine embedded in Tor Browser
2) In some instances, this TLS session traffic enters a monitoring exit node that logs and decrypts well known certs for meta-data extractions (like Google services and other deep state firms)
3) Since the private key generated X.509 cert request remained unknown, signed by CA, there is insufficient belief that a 3rd party can decrypt the traffic of your LBC browsing session on a Tor exit node.

However, if a website like LBC DOES use a CDN service like Akamai or Cloudflare, etc., then things can go WRONG. This is true even for users NOT browsing with Tor:

4) Tor exit node outputs IP obfuscated traffic to the CDN protecting or increasing service capacity. Any data you GET through one of those CDNs is not encrypted (automatic MITM, and with CDN SSL and NOT origin SSL certs) in order for the CDN to analyze and to provide filtered service. Reason being your traffic entering and exiting these nodes with non-LBC SSL certs. And the session cache can be scrubbed to reveal your wallet, data, recovery seeds, password, and many other goodies with sensitive information like IP and other sites you've visited (i.e. blockchain.info, coinbase, and many others which also use a CDN like Cloudflare).

5) CDN exfiltrates this meta-data relating to your browsing session to a 3rd party, and re-encrypts to clear text data to deliver to the origin server that hosts the actual LBC https:// content via public LBC web SSL certs. The 3rd party pays royalty to a CDN like Cloudflare, and in turn they brag and offer free unlimited protection for any web site.

Analysis
---------
a) 3rd party can be analytics or big data entities with deep fed banking darknet infrastructure as part of data "source" for on-going dragnet surveillance on it activity.
b) in 3, the CDN most likely hosts the origin server's authoritative resolver (acting as LBC DNS for example) and it keeps logs, and these statistics are normally packaged and for sale to the CDN's associates and other interested 3rd parties ($$$)
c) Being existential, LBC may trade in your privacy for free LBC protection.  But since it needs to comply with BTCKYCBTC anyways to prevent being shut down, this is somewhat of a m00t point.

Now, do you see a pattern?



Giving you a merit for a well written post. This is basically the same as some people freaking out about using public WIFI. Most sites these days use HTTPS and most of the data sent to the website is encrypted and it's very difficult to decrypt this info unless you know the key which only the server possesses.

There are issues however with some data that isn't encrypted and depending on what site you are browsing. Some sites might have HTTPS for certain areas but not the entire site and that info is very easy to view. This is where some people who used those packet sniffers back in 2010 read some private info over public wifi such as in a University. However usernames, passwords and emails were always encrypted.
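The point above about sites that use HTTPS for some areas but not others, as an added example that is not part of the original post: a small Python check that lists the URLs in a page which would still travel as plain HTTP, the part a Tor exit node or a Wi-Fi sniffer can read or alter. The page URL, host names and HTML are constructed sample data.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute that makes the browser fetch from or submit to a URL.
URL_ATTRS = {"script": "src", "iframe": "src", "link": "href",
             "form": "action", "img": "src", "a": "href"}
# Cleartext here means injected code or leaked form fields, not just a
# visible image request.
HIGH_IMPACT = {"script", "iframe", "link", "form"}


class CleartextFinder(HTMLParser):
    """Collects every URL in a page that resolves to plain http://."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (severity, tag, absolute_url)

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        # Resolve relative and protocol-relative URLs against the page.
        target = urljoin(self.page_url, value)
        if urlsplit(target).scheme == "http":
            severity = "high" if tag in HIGH_IMPACT else "low"
            self.findings.append((severity, tag, target))


def find_cleartext(page_url, html):
    finder = CleartextFinder(page_url)
    finder.feed(html)
    return finder.findings


# Constructed sample: an HTTPS account page with a few legacy HTTP parts.
SAMPLE_URL = "https://exchange.example/account"
SAMPLE_HTML = """
<script src="https://exchange.example/app.js"></script>
<script src="http://static.exchange.example/legacy.js"></script>
<img src="http://img.exchange.example/logo.png">
<form action="http://exchange.example/login" method="post"></form>
<form action="/withdraw" method="post"></form>
<a href="//help.exchange.example/faq">FAQ</a>
"""

if __name__ == "__main__":
    for severity, tag, url in find_cleartext(SAMPLE_URL, SAMPLE_HTML):
        print(f"{severity:4}  <{tag}>  {url}")
```

Relative and protocol-relative URLs inherit the page's scheme, so on an HTTPS page only explicit `http://` references are reported.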
jr. member
Activity: 267
Merit: 7

I still can't believe such a reputable web browser. Everything is at risk. Our job is to control risk, I think tor will have a proof
sr. member
Activity: 798
Merit: 251
Small Trader
I have never opened the Tor browser to login or just trade. Because I am a person who is very careful with passwords and privacy. In essence, I am very careful with gaps that can make me lose.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
   b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

Genuinely curious, what do you think the average person using Tor should set up to avoid getting attacked? Anyway, I agree with you that they're covering their ass, but more from regulatory pressure than anything else.

Malicious exit nodes mounting MITM attacks is a vector I hadn't considered before. I had been thinking of them mainly as surveillance adversaries. I'm not actually sure this is a legitimate concern, though. It seems like attackers could do more effective analysis on regular clearnet usage to mount more effective generalized attacks on a bigger population.

Maybe DaveF could elaborate on how targeted routing analysis would make such attacks more likely. My initial reaction is that users running NoScript and/or disabling JS should be much better protected against MITM attacks than average web users too, so that's another reason why average TOR browser users should be safer.
member
Activity: 532
Merit: 41
https://emirex.com
I find such a warning just bullshit, probably just a way of trying to make Tor browser less popular. LocalBitcoins just recently started to become strict on KYC, so what I think they are trying to do is discourage people from using Tor so that their online presence is easily traceable.
Some people lose bitcoins to scammers anyways so long as they are connected to the web and are so careless.
- "No one is safe"
- "No system is safe"

Without bothering to provide some good explanation for such a warning, it can be misconstrued that LocalBitcoins made the act maybe just to please some regulators or to make the platform detached from possible problems they think they might encounter in the future relative to the TOR browser. What is clear here is that many platforms are now starting to align with authorities so they can continue doing business with ease, as we know that fighting can mean financial bleeding.
hero member
Activity: 1834
Merit: 759
   b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

Genuinely curious, what do you think the average person using Tor should set up to avoid getting attacked? Anyway, I agree with you that they're covering their ass, but more from regulatory pressure than anything else.

Indeed this browser is merely Firefox with Tor bundled and some default settings changed.

Missed this on my first post, but I thought I'd clarify: The Tor Browser is not just Firefox with settings changed. Tor is geared towards anonymity.

I didn't use this Tor browser anymore. So I don't have better idea about this one. If this one is good enough I will surely try for it.

I personally don't think it's ideal for regular browsing as it makes captchas hell and can be excruciatingly slow. Its primary use is for anonymity, which some people might want for doing Bitcoin stuff.
member
Activity: 246
Merit: 10
For success work hard!
I didn't use this Tor browser anymore. So I don't have better idea about this one. If this one is good enough I will surely try for it.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
1) I use tor a lot

2) There is and continues to be an issue with:
   a) Malicious exit nodes. Yes, many people choose to say, it's safe but anyone with enough time and money can sniff all traffic and do a really good MITM attack with it.
   b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

3) As said before, tor is different than the tor browser, but explaining that to people is very difficult. Hell, the brave browser has a "connect with new private window & TOR" option.

I'm going out on a limb and saying this is LBC doing a cover their ass thing.

"Oh, look you connected using TOR, it's your fault, you don't get your BTC back. Next ticket"
It could be preemptive or it could be, they have seen a greater number of issues with TOR users and don't want to deal with it anymore.

-Dave
hero member
Activity: 1834
Merit: 759
Is there not a possibility of man in the middle stuff by the exit node? I've only ever used Tor once and found it so slow I started to blub. Good job I'm not a paedophile or drug dealer as I'd have to quit those peccadilloes if my outlets had to use it.

It's possible, but since it comes with HTTPS Everywhere out of the box, I'd say it's a remote possibility. The possibility certainly isn't significant enough to conclude that Tor is inherently less safe than other popular browsers. Localbitcoins has been being increasingly hostile to anonymity for a while now, so such a move with no explanation is just them keeping up with that trend.

Maybe scammers do prefer to use Tor, like what has already been brought up, but it's not like using it yourself would leave you more vulnerable to them lol. Either way, it looks like using Tor isn't a ToS violation yet.
legendary
Activity: 2030
Merit: 1573
CLEAN non GPL infringing code made in Rust lang
Any idea?

On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well. The executives have not made any statements regarding the matter, and the reason behind it remains unknown.

This is not true, except maybe from their point of view. One of the things Localbitcoins tells you is the country (ip) of the other party, of course if you use tor the ip is random, so you cannot tell. But that is stupid as anyone could be using a proxy or vpn to fake a country anyway...

Indeed this browser is merely Firefox with Tor bundled and some default settings changed.

And yes, the (silly) message is visible if you enter Localbitcoins from Tor (regardless of browser).

In 2019 the Tor project went with a very misleading image. Tor is Tor, their browser is their browser, they are separate, period. I do not agree with their revamped image. One thing does not mean the other, you can perfectly use Tor with any other browser, they will scare you of leaks, especially if you use something like Chrome which makes sense, but you can still use a secure browser that is not "The Tor Browser", via Tor. Get it?

The real Tor page is this one: http://2019.www.torproject.org/ notice the 2019 in front of the url.

Oh yes, it is possible to use Tor Browser without Tor, I won't tell you tho.
legendary
Activity: 3080
Merit: 1353
On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well.

it doesn't---no more than using firefox does.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement. i'm not sure if regulators are specifically telling them to clamp down on TOR (or VPN) usage, or if they are just trying to be proactive to please them. but this seems like an underhanded attempt to discourage IP address obfuscation techniques.

Perhaps the former, every law enforcement agency is putting pressure on crypto exchanges this year and those people behind are caving in, that's why recently they require KYC.

So I'm not surprised by the announcement though, if they want to continue with their business I guess they're going to follow the same path as other trading platforms today, obey or shut down.
sr. member
Activity: 2506
Merit: 368
No one is safe and we know that, but now I'm curious to see what's happening and why localbitcoins are accusing tor browser, for me it doesn't make any sense, I can't find a reason that tor is riskier than other browsers.
Don't just believe what you saw on the internet because I believe Tor is not the reason why Bitcoin would get stolen.
I think it is just misleading information they made to prove something from the government, or localbitcoins doesn't like people who use VPN.
full member
Activity: 1638
Merit: 122
This isn't true,

That's what I also think. I knew tor before and tor is, I think, pretty similar to a vpn, which protects your identity or makes you more anonymous. People use these kinds of tools in order to become safe from tracking, so how can one say that it increases theft/btc theft?

Tor is also the browser that can be used to dive on the deepweb/darkweb, right? Browsing those sites is dangerous or risky; this could be the other reason why they think it risky to use tor, because those said sites are full of hackers and spies.
hero member
Activity: 2996
Merit: 609
This isn't true, how does Tor increase our bitcoin theft? LBC just clearly or obviously doesn't like its users using this browser.
legendary
Activity: 1666
Merit: 1196
STOP SNITCHIN'
If this was for the benefit of their users would it not be helpful to tell them why it's unsafe? One doomy sentence is not really enlightening enough.

It's pretty insulting. If anything, TOR users are safer on average because of NoScript, which protects against XSS attacks among other things.

It's been weird watching Localbitcoins slowly lose it. They have a super established brand that they're slowly strangling. If I were them I'd split into one operation that still does custodial stuff and another that advertises trades but nothing else.

Is that why they're so uptight -- because of the hosted wallet? I'd love it if there were a Craigslist style non-custodial trading site with LBC's amount of traffic. I could see it being tough to split their brand at this point, though.
hero member
Activity: 2184
Merit: 531
Maybe what they're trying to say is that TOR users can take advantage of greater anonymity and try to scam you or steal from you physically when you agree to exchange with them? This doesn't mean that scammers aren't using other browsers.

 I agree that this is a stupid warning that will rather confuse new users and make them scared of using TOR but TOR is not the problem. The most important thing is to know how to keep your PC and your wallet safe.