Topic: Let's talk about security (Read 516 times)

Being completely anonymous* would certainly help to protect you against a number of attacks, such as attacks targeted against you specifically, malware directed against you specifically, $5 wrench attacks, physical compromise of your devices, attacks against your back ups, etc. However, it does not make you safe from any untargeted attacks such as clipboard malware or malicious wallet software.

*Glossing over the fact that it is close to impossible to be completely anonymous online.

o_e_l_e_o: that's absolutely true. However, if there was a way for you to completely anonymize the very  fact that you own cryptocurrency, or even a crypto wallet, you'd arguably be safe(ish), right?

I presume you are using Tails with a persistent volume, because every time you reboot... you resort to a old version of the Electrum wallet? So, did you download the latest Electrum wallet and installed it on the persistent volume?

Use this guide ==> https://electrum.readthedocs.io/en/latest/tails.html to configure Tails to use the most current version of Electrum on Tails. (The risk of using a persistent volume is not having a "clean" boot after each reboot)   

Cold storage should never be online, in which case you don't need Tor. If your device is online, even if all your traffic is being routed through Tor, then it's not cold storage.

Unless of course you mean using Tails as cold storage on a permanently airgapped device, transferring your signed transactions to an online device via QR code or USB drive, and then broadcasting them via Tor, in which case I agree.

Using a VPN with tor is generally only recommended if you can configure it properly. If not, you are likely not doing yourself any favors.

Tails w/Tor for cold storage is a must though.

Yeah, McAffee had it coming.
On the other hand, Gottfrid Svartholm, Fredrik Neij, and Peter Sunde fought tooth and nail against the US justice system. After years lobbying the Swedish government, they finally filed charges against them, and they got arrested. They spent a few years in prison, and now they're free as birds, and nobody can touch them. And The Pirate Bay never got offline, and it's running today, stronger than ever.

In the meantime, the MPAA started a war against the Yify torrent site, and its owner, Yiftach Swery. They shut down the original site, and literally HUNDREDS of mirror sites popped up. Since, Swery retired, and Yify changed name to YTS. Still going strong.

Thank you all for the replies. Last night I realized I had been overcomplicating things. I don't need Tor, and chances are I don't need Tails (which is proving to be a pain in the rear to set up) either. If I'm running a wallet offline, I'm already safe. I'm thinking about using it together with a number of paper wallets, and I should be ok.

Best of luck. NOBODY can understand my country.  
We're talking about a country that elects a vice president while she's under indictment on several different charges, high treason among them. https://en.wikipedia.org/wiki/Cristina_Fern%C3%A1ndez_de_Kirchner#Legal_charges

Let me give you a couple of pointers:

A few years ago, a guy saw 3 thugs break into his business (a convenience store) that was just across the street from his house. So he took his (legally owned) gun, crossed the street, and shot the burglars down. The guy went to prison because his permit didn't allow him to take his gun to the street, so it was "illegal carry". None of the 3 burglars died, and none of them was even indicted.

In 2017 or 2018, a guy was working as a security guard in a warehouse. He was armed with a "Ballester-Molina" pistol, similar to a Colt 1911.
A group of guys broke in. A gunfight ensued. He managed to kill one of the guys, and wounded a few more. In the process, he was wounded.
He was arrested because he was "carrying without a license", and his boss denied even knowing him, even when he could (and did) prove he was working for him, and he had provided him with the weapon. Again, none of the burglars was even charged.

in 2019, I was walking one night along one of Buenos Aires' most important streets (9 de Julio Avenue), when I saw a guy laying down on the sidewalk, handcuffed and squealing like a dying pig, surrounded by about a dozen cops. I kept on walking, as I was going to work  at a mcdonald's store about 100ft. away, and knew damn well I was gonna learn what happened soon enough. About 2 hours later, a couple of cops showed up.
The guy had been caught red-handed having beat up a girl right outside a university, and trying to rape her. The girl was sitting in the side, all bruised, waiting on the ambulance to show up.
So I talked to the cops. They had called the prosecutor, and when he learned the guy was homeless, he refused to prosecute him. they had to let him go.  

Now tell me: you really think you can understand that?

Thank you n0nce, I'll check it out.
The good thing about Binance is it allows me to buy directly in ARS, which is very convenient, especially considering Argentinian money is as volatile as cryptocurrencies...  

A few resources about how they did it:

Bad relay work and:
As on Criteria for rejecting bad relays, in short, there is a difference between misconfigured exit relays and malicious relays, the former will not be directly removed from the network since it rather can be used as a guard(entry) or middle relay, and the latter, it will immediately be removed.

You can take a look at the data here: https://metrics.torproject.org/networksize.html?start=2007-01-01&end=2021-11-08

As you can see, the number of Tor relays has stayed fairly consistent at between 6000 and 7000 for the last 6+ years. Also note that when you use Tor, your browser picks one of three guard nodes, each with a lifetime of approximately 120 days. It is only the middle and exit nodes which change whenever you request a new circuit or after you've used the same circuit for 10 minutes. So given that you will be using the same guard node for a period of time, then you have around 6000-7000 possible entry/exit combinations.

Good source, thank you.

I did find some parts in that discussion quite interesting. For example, here is a quote from one of the replies:
How would TOR know that some exit nodes are "bad" and have ways to monitor or manipulate the traffic routed through them? And if they have such knowledge, why are those nodes not removed and blacklisted?

I find this segment interesting as well:
The emphasis is on "should". They didn't say "must" or "have to", but you have the option to do it or not.

Nothing of the above seems worrying to me either, but still interesting to think about... 

1. The IP address isn't stored on blockchain, unless you meant blockchain.com the block explorer?
2. IP address shown by blockchain.com is IP of the node which relay the transaction to blockchain.com node. It's unlikely the sender run full node and directly connected to blockchain.com node.


Read this (https://tor.stackexchange.com/a/114) and make your own conclusion. As for me, i would worry about something else.

Every TOR node doesn't need to be, but a few of them could. They could also be getting data from certain block explorers who would gladly sell it to them or hand it over for free depending on their agreement.

Is this a risk worth thinking about? How many entry and exit node combinations exist on the TOR network? Do the numbers change and increase regularly or are they more or less the same for years?

Without tor your ip adress then making trasactions is saved to blockchain, so if you for ex from Japan, then your wallet.dat password probably in Japan language too.... etc...

Tor obfuscates your entry and exit point to the network. Your exit node can only track you if they are also controlling your entry node and can link your entry and exit traffic between the two nodes, effectively mounting a Sybil attack.

If this is a concern of yours, then you could consider connecting to your VPN first, and then connecting from your VPN to Tor, effectively using your VPN server as an entry node in to the Tor network. If your Tor nodes are malicious, then they could only track you back to your VPN server, and not to your real IP address.

You should never connect to Tor first and then to your VPN, since that defeats the entire point of using Tor. All your anonymized traffic which has been passed through various Tor nodes and circuits would then all pass through a single VPN server and therefore all be linked back together.

The exit node can't track you if you're connecting to an onion service. The exit node can only read the message if you're connecting to a .com, .org, .net etc. (clearnet) which can then be used to track you.

But, they can't read the message if it's an onion service. Yeah, they may know you're using Tor and that you're also visiting a block explorer, but they can't know what you're viewing. This is only known by the one who runs the onion service. So, unless every Tor node is a honeypot AND the block explorer is ran by surveillance agencies, you're fine.

I don't know who the other guy you mentioned is, but McAfee was certainly a much bigger player than OP is. The person that "had an accident" in Greece was of a similar caliber probably. McAfee kept running his mouth against the government, kept criticizing. Wasn't there a time when he was considering running for president and he promised to make crypto an integral part of his campaign? He was a very controversial character indeed.   

I am not American though.

I've seen what they did to McAfee. His crime was avoiding his taxes. He got pwned in Spain. Died in a cell. I've never heard of a German guy that avoided his taxes getting pwned in the US by the German officers.

There were other examples too. Another one was the owner of btc-e. He got pwned in Greece... by the FEDs. How is that possible?

Not a particular one. I am just assuming that in the same way that a three-letter agency can set up and run their own Electrum servers, they might be able to set up and run their own TOR routers to examine the traffic that runs through them and take a closer look at those individuals that might be of interest to them.

Well, when I use Tor Browser and use the Tor version of the website, it won't see my home IP. The Tor blockchain explorer can log anything it wants; they won't see my home IP address and also every time I restart Tor Browser or open a new tab, I have a new Tor IP as well (at least when restarting). An attacker would need access to lots of Tor nodes to map my identity to the query on the website.

It's not as good as just asking your own home node locally, but if you don't have one, it's better than clearnet https://blockchair.com/ for example.

Sorry, I always mean seed words when I say 'keys'! Of course it's not technically correct anymore and it's definitely better (in most cases) to save the seed words instead, since we can derive many many private keys and addresses from one such seed.

I'm sorry, I was way too unspecific. When I can't access a node of mine to query my balances and transactions, I start up Tor Browser and use a Tor block explorer. Tor Browser gives me a new relay circuit every time indeed; and as said above, it's hard to trace the query back to myself due to Onion routing (it's in the name! ) as well.

You might want to check out a decentralized, KYC-free, open-source exchange that runs completely over Tor by default, by the way.. not sure it has enough liquidity in your country, though. https://bisq.network/

If the police are non-existent then how could you go to prison that's kind of confusing. or maybe you're saying the police only show up when you don't need them. i could understand that maybe.