Topic: Introducing OnionBitcoin (Read 1941 times)
The other issue is that if you have a Tor exit node or eepsite on a different machine than the server they're meant to serve, then the connection and data are vulnerable due to the obvious connections between them. After all, one must connect to the other, and that will end up going across the Internet unprotected.
Doesnt this attack require total control of the network?
No, it only requires that you recreate the circuts repeatedly to identify as many of the nodes on the network as is necessary to narrow down the possible locations of the target. Most hidden services use a few highly trusted nodes in order to defend against this attack, as victory is defined as establishing a circut with an owned node in direct contact with the target. Still it can be done by first identifying those trusted nodes, and then literally breaking into those nodes to directly locate the target. It's not an easy attack, but the CIA certainly has the resources to do it. I doubt that the FBI would do it, for no other reason that such an attack wouldn't likely lead to untainted evidence for a trial. But the CIA's goals don't usually involve a prosecution.
Doesnt this attack require total control of the network? and how does running an eepsite from behind an i2p gateway (bearing in mind the connection to the server and the gateway is over vpn or ssh) make this attack any more likely or succesful than just running i2p on your local machine?
I would be interested in a tor/i2p proxy service. that is you forward traffic from tor or i2p addresses (onion addresses and eepsites) via ssh or something similar to another machine, so that I can operate my service from within tor or i2p without having to run the systems.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
If you don't run the hidden service/eepsite on the same server as the "real" site, it becomes trivial to locate the hidden service. For a service whose location is already known, since it's on the public Internet, this isn't really that big of a problem, but it could be an issue for such a proxy operator, who might not want his server's location known.
That said, it's pretty easy to set up a hidden service or eepsite. I can walk you through this for a few BTC.
How can they be located?
It's similar to triangulation. The hunter sets up an number of intermediary nodes that they can modify to track packets, then repeatedly make circuts to the target. Since they know the starting content of packets, they can identify their own packets as they cross their nodes, even encrypted, by timing and packet size. Then they note which node the packets are going too next. The idea is to identify the path from different directions, narrowing down the geographical location of the target by progressively locating the nodes in the circuts.
I would be interested in a tor/i2p proxy service. that is you forward traffic from tor or i2p addresses (onion addresses and eepsites) via ssh or something similar to another machine, so that I can operate my service from within tor or i2p without having to run the systems.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
If you don't run the hidden service/eepsite on the same server as the "real" site, it becomes trivial to locate the hidden service. For a service whose location is already known, since it's on the public Internet, this isn't really that big of a problem, but it could be an issue for such a proxy operator, who might not want his server's location known.
That said, it's pretty easy to set up a hidden service or eepsite. I can walk you through this for a few BTC.
How can they be located?
I would be interested in a tor/i2p proxy service. that is you forward traffic from tor or i2p addresses (onion addresses and eepsites) via ssh or something similar to another machine, so that I can operate my service from within tor or i2p without having to run the systems.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
If you don't run the hidden service/eepsite on the same server as the "real" site, it becomes trivial to locate the hidden service. For a service whose location is already known, since it's on the public Internet, this isn't really that big of a problem, but it could be an issue for such a proxy operator, who might not want his server's location known.
That said, it's pretty easy to set up a hidden service or eepsite. I can walk you through this for a few BTC.
I would be interested in a tor/i2p proxy service. that is you forward traffic from tor or i2p addresses (onion addresses and eepsites) via ssh or something similar to another machine, so that I can operate my service from within tor or i2p without having to run the systems.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
This is something i would pay for, just saying since you seem clued in on interfacing wth the tor network.
Fascinating... what does it do?
Hi!
I would like to introduce OnionBitcoin, the first and only (afaik) TOR-based Bitcoin service. You can only communicate with it via a bitcoind-api-compatible JSON-RPC-Api and only using TOR. Therefore you need Tor installed on your PC and a PHP class like "PHP5 class for interfacing with the Tor network" by Josh Sandlin (Google it!) to communicate with the TOR network and OnionBitcoin.
For whom may it be usefull?
* People who don't want to run their own bitcoind
* People who fear their wallet.dat may be stolen
* People running an onion website
As the project is currently in Beta, please contact me directly to get further information and/or an account:
Sincerely
OnionBitcoin
I would like to introduce OnionBitcoin, the first and only (afaik) TOR-based Bitcoin service. You can only communicate with it via a bitcoind-api-compatible JSON-RPC-Api and only using TOR. Therefore you need Tor installed on your PC and a PHP class like "PHP5 class for interfacing with the Tor network" by Josh Sandlin (Google it!) to communicate with the TOR network and OnionBitcoin.
For whom may it be usefull?
* People who don't want to run their own bitcoind
* People who fear their wallet.dat may be stolen
* People running an onion website
As the project is currently in Beta, please contact me directly to get further information and/or an account:
- Via PN
- Via the normal internet:
[email protected]
https://privacybox.de/onionbitcoin.msg ### leave an e-mail adress in your message where I can contact you!!! - Via Tor:
http://c4wcxidkfhvmzhw6.onion/onionbitcoin.msg
onionbitcoin@TorPM (http://4eiruntyxxbgfv7o.onion/pm) ### not prefered. Could take several weeks for me to answer
If prior contacted I can also chat with you in the TorChat-Messenger - Via i2p:
[email protected]
http://privacybox.i2p/onionbitcoin.msg ### leave an e-mail adress in your message where I can contact you!!!
i2pbote address: wJOBx6DyLVRlyeu9Ip4HUviOLgJKTS9GoNTaKiU2SpA8Y1KLQVDaCz48pcv6zAnHbQZmn-5tnde8WTmgmHl6XK
If prior contacted I can also chat with you in the I2P-Messenger
Sincerely
OnionBitcoin
Jump to: