Pages:
Author

Topic: How using Tor Browser increases bitcoin theft? - page 2. (Read 563 times)

legendary
Activity: 3234
Merit: 1214
DGbet.fun - Crypto Sportsbook
There is a thinking among the people, using tor browser will keep them unknown to the world as the network through which the respective transaction is made will be unknown forever. Tor browsers were much preferred by users who involve into illegal and other complicated businesses. One who have used to common browsers will easily get fed, because what we experience is a much slower process and darknet is completely under surveillance by top level hackers. This in some way makes usage of tor browsers a high risk practice of transacting cryptocurrencies.
legendary
Activity: 3248
Merit: 1402
Join the world-leading crypto sportsbook NOW!
Any idea?



On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well. The executives have not made any statements regarding the matter, and the reason behind it remains unknown.

READ MORE: https://www.cryptopolitan.com/tor-browser-increases-bitcoin-theft/
I don't know, it does not seem true to me. Critical bugs can be a problem, especially with such projects that are not on top (obviously, there's way more budget to develop Chrome than Tor, so the latter is potentially more vulnerable because of being underfinanced. However, I don't think this was the point in this message. I think it's more about Tor being associated with illegal activities or something, and the problems of downloading files while using Tor and becoming exposed because of that. Plus, there might be some hackers looking specifically for Tor browser users, because they are way more likely to have some Bitcoins than people who use Chrome. But overall, I think the issue is overstated and Tor does not really increase the risks of having the funds stolen...
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
Tor browser doesn't increase Bitcoin theft, It's either you are using the wrong localbitcoin site or they are trying to stop their users from hiding their ip address.

Is there not a possibility of man in the middle stuff by the exit node? I've only ever used Tor once and found it so slow I started to blub. Good job I'm not a paedophile or drug dealer as I'd have to quit those peccadilloes if my outlets had to use it.
legendary
Activity: 1400
Merit: 1001
Undeads.com - P2E Runner Game
I believe that something connected to internet will increase any theft or illegal activity. But i believe with tor browser it self, and not suspect it if i download/using tor browser from real developer. But i will suspect if i download browser from not trusted website/developer. For example, download from fishy website, so i wont used it. Worry if those browser include with keyloger,or something malware placed by fishy developer.
member
Activity: 406
Merit: 10
Tor browser doesn't increase Bitcoin theft, It's either you are using the wrong localbitcoin site or they are trying to stop their users from hiding their ip address.
legendary
Activity: 2590
Merit: 3015
Welt Am Draht
If this was for the benefit of their users would it not be helpful to tell them why it's unsafe? One doomy sentence is not really enlightening enough.

It's been weird watching Localbitcoins slowly lose it. They have a super established brand that they're slowly strangling. If I were them I'd split into one operation that still does custodial stuff and another that advertises trades but nothing else.

member
Activity: 141
Merit: 62
tor will not increase nor decrease the possibility of bitcoin theft.
technically, I don't see how this can be true, and here is why:

1) Say some user choose to send traffic traverse thru Tor (via socks proxy localhost then transit its way on port 443 to LBC) via SSL engine embedded in Tor Browser
2) in some instance, this TLS session traffic enters into a monitoring exit node that logs and decrypts well known certs for meta-data extractions (like google services and other deep state firms)
3) since the private key generated x.509 cert request remained unknown, signed by CA, there is insufficient believe that 3rd party can decrypt the traffic on your LBC browing session on an Tor exit node.

However, if an website like LBC DO uses CDN service like akamia or cloudflare,etc; then things can go WRONG. This is true even for user NOT browsing with Tor:

4) Tor exit node output IP obfuscated traffic to CDN protecting or increase service capacity.  Any data you GET thru one of those CDN is not encrypted, (automatic MITM and with CDN SSL and NOT origin SSL Certs) in order for CDN to analysis and to provide filtered service. Reason being your traffic entering and exiting these node with non LBC SSL Certs.  And the session cache can be scrubbed to reveal your wallet, data, recovery seeds, password, as many other goodies with sensitive information like IP and other site you've sited (i.e blockchain.info, coinbase, any many others which also uses CDN like cloudflare).

5) CDN Exfiltrate this meta-data relating to your browsing session to a 3rd party, and re-encrypt to clear txt data to deliver the origin server that hosts actual LBC https://  content via public LBC web SSL Certs.  3rd party pays royalty to CDN like cloudflare, and in term they bragg and offers free unlimited protection for any web site.

Analysis
---------
a) 3rd party can be analytics or big data entities with deep fed banking darknet infrastructure as part of data "source" for on-going dragnet surveillance on it activity.
b) in 3, CDN most likely host origin server's authoritative resolver (acting as LBC DNS for example) and it keep logs and this statistics are normally packaged and for sale to CDN's associates and other interested 3rd Party ($$$)
c) Being existential, LBC may trade in your privacy for free LBC protection.  But since it needs to comply with BTCKYCBTC anyways to prevent being shut down, this is somewhat of a m00t point.

Now, do you see a pattern?

legendary
Activity: 3038
Merit: 2162
On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well.

it doesn't---no more than using firefox does.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement. i'm not sure if regulators are specifically telling them to clamp down on TOR (or VPN) usage, or if they are just trying to be proactive to please them. but this seems like an underhanded attempt to discourage IP address obfuscation techniques.

If it's true, people will now be more suspicious of localbitcoins, since they are lying to users in order to brake their privacy. This will push p2p trading towards decentralized exchanges, forums, telegram channels and so on. And then instead of having some Tor users and some clearnet users, they'll end up with less users overall, and regulators will have harder time spying on people.
sr. member
Activity: 1176
Merit: 252
this is indeed quite confusing news. I think tor is one of the best browsers. however, if localbitcoin feels that tor browser can increase theft on bitcoin, then that also has the potential for other browsers right? however there is no truly secure system. we only need to pay attention to the defenses we have on the device we use. So far, I have not used a browser other than Google Chrome, and Firefox.
hero member
Activity: 1890
Merit: 831
Well I don't even think we should use something other than the Mozilla or Google ..

There are millions of browsers in the market and it is certainly not a good idea to go and try each and every one of them ..be safe and use secure ones acceptable all over the globe.
legendary
Activity: 1652
Merit: 1483
It looks like they're just desperately indirectly calling it sort of unsecure just so their users wouldn't attempt to hide their IPs using Tor. May it be for KYC/AML or better traceability reasons or for more accurate user statistics on their side. As far as I know they don't ban people for using Tor, so I really don't see any harm in using Tor when using Localbitcoins.

this is probably the first step towards outright banning TOR and VPN usage or closing accounts over it. bitstamp and poloniex already "limit" VPN usage, which presumably means you risk account closure by using them.

on localbitcoins, one can still trade at the lowest tier with a throwaway name, email and burner phone up to 1000 euro per year. already super low limits in my view, but i guess if you've got some time on your hands and a handful of burner phones, you can dodge their limits in a sort-of meaningful way? by obfuscating your IP.
hero member
Activity: 1722
Merit: 528
I don't know why did they say that.

Does the Tor browser that I know in the past is not the same as the Tor browser right now?

It is true that most of the people use it to access the Dark/Deep Web but it is not that these hackers can access the computers being used right? Tor browser is known for that that is the reason why I used that in the past to access that "not-to-be-accessed" site as they told me. I think they are just giving warning and not a threat, right?
hero member
Activity: 2268
Merit: 588
You own the pen
I don't think it came from Tor because it is the most secure way of browsing.
My suspect is a 3rd party software which was the case of hacking of some ETH a year ago
where they hack the google DNS address and put the blame on etherium but the case was solved
and the real cause of hacking is finally found out it was not etherium fault rather it is from google DNS address.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
Well, I do not know if the Tor nodes might have something to do with that? I know it was reported that the 3l3tter agencies can run their own exit nodes and then use these nodes to track IP addresses, so if they are capable of doing that, then other people might also be able to do that and once they have your IP Address, it will be easier to target Bitcoin owners.  Roll Eyes

The question is, why go through all that trouble, when you can simply target people that are not using Tor with their service? I think this is simply a scare tactic to try and influence people not to use Tor.  Tongue
member
Activity: 686
Merit: 15
I don't believe this accusation, I incorporate privacy browser to my web search and browsing. I hope they are not going to accuse brave browser as the next, not safe browser.  It's possible localbitcoin wants to keep track of it users.
sr. member
Activity: 1638
Merit: 300
I think they have their reasons for this since this browser is better than others when it comes to privacy. I doubt that people would be able to track your histories with this. It would not increase the possibility of being hacked but it would increase your time browsing since it is not that fast when it comes to that.
legendary
Activity: 3472
Merit: 10611
i honestly can't think of any situation where using Tor would increase the chances of you losing your bitcoins that you are keeping on the same online machine compared to normal times when you are using that machine without Tor!
usually when sites make such claims they also should add a page to explain why they are saying it otherwise we end up speculating about their works with the governments which might be more correct than you may think.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
September 13, 2019, 09:32:54 PM
#9
I don't think so, Tor increases privacy in general, and wallets that allow Coinjoin transaction use Tor by default in order to enhance privacy of bitcoin transactions. There are other factors that combine together and contribute to the privacy of users. I don't see any convincing reasons to judge that Tor increase risks of bitcoin theft, honestly.
Enhanced privacy with Wasabi & Samourai wallets
mk4
legendary
Activity: 2870
Merit: 3873
📟 t3rminal.xyz
September 13, 2019, 09:19:06 PM
#8
Lol nice try on Localbitcoin's side. That's not true at all. It looks like they're just desperately indirectly calling it sort of unsecure just so their users wouldn't attempt to hide their IPs using Tor. May it be for KYC/AML or better traceability reasons or for more accurate user statistics on their side. As far as I know they don't ban people for using Tor, so I really don't see any harm in using Tor when using Localbitcoins.


EDIT

@Darooghe but you just connected through Tor, didn't you? There' s no message coming up for me.
Same here I don't see any message from their website while using Tor Browser.

Managed to let the message appear. It appears on the login page.
legendary
Activity: 2450
Merit: 1472
September 13, 2019, 08:39:34 PM
#7
No one is safe and we know that, but now I'm curious to see what's happening and why localbitcoins are acusing tor browser, for me it's doens't make any sense, I can't find a reason that tor is riskier than another browsers  Huh
Pages:
Jump to: