Pages:
Author

Topic: Privacy and Security (Read 1818 times)

hero member
Activity: 672
Merit: 500
June 24, 2015, 03:22:17 PM
#24
When using Tor, dont forget to disable javascript,java,Flash,ActiveX.
All that fancy stuff could and will leak your true ip.

one big problem most users under estimate is Browser fingerprinting,
http://www.golem.de/news/browser-fingerprinting-tracking-geht-auch-ohne-cookies-1310-102253.html
since each browser can be configured by many possibilities, chances are high these are unique.
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 23, 2015, 09:49:46 PM
#23
Good starting point for researching TOR's possible weaknesses:

We must fix the internet so as to maintain the fundamental End-to-end principle. The designers forgot to build Tor into it when they designed it. And Tor has serious flaws; most importantly it can be Sybil attacked.
Tor has been praised for providing privacy and anonymity to vulnerable Internet users such as political activists fearing surveillance and arrest, ordinary web users seeking to circumvent censorship, and women who have been threatened with violence or abuse by stalkers. The U.S. National Security Agency (NSA) has called Tor "the king of high-secure, low-latency Internet anonymity".

americanfolklore.net/folklore/2010/07/brer_rabbit_meets_a_tar_baby.html

https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous

https://blog.torproject.org/blog/hidden-services-need-some-love

https://www.google.com/search?q=Tor+correlation+attack

https://www.google.com/search?q=Tor+sybil+attack

https://www.google.com/search?q=Tor+exit+node+attack

https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29#Exit_node_eavesdropping

Furthermore, Egerstad is circumspect about the possible subversion of Tor by intelligence agencies:[101]

   
Quote
If you actually look in to where these Tor nodes are hosted and how big they are, some of these nodes cost thousands of dollars each month just to host because they're using lots of bandwidth, they're heavy-duty servers and so on. Who would pay for this and be anonymous?

legendary
Activity: 3500
Merit: 6981
Top Crypto Casino
June 22, 2015, 11:12:39 PM
#22
sir rappelzreborn could say that to paypal for instances if they implement into bitcoin market the use into paypal to that currency coin would be good for more security.

I do not think the English language works the way you think it works.
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 22, 2015, 06:48:04 AM
#21
Security is more important than Privacy.
                                                                      



I would say that if you don't see how the two are inextricably linked, then you missed what happens when hackers steal private information  (Target, et al) and destroy victim's security.

"Give me liberty or give me death!" would now read, "Give me protection from the minuscule threat of a Terror Cell and here is my pin, my passwords, my emails, my location 24/7, pics of my wife...my dog...my kids, here's every phone conversation I ever had, my medical history,  my eating habits, my exercise habits, here is my friend's and family's linked meta data reamed through a processor to create psych profiles so the government can go minority report and prevent any loose cannons, here's my life captured in digital form so my real body is protected from things that rarely happen ever, here is my voluntary cooperation in the greatest control apparatus ever devised, here is where information still means power and I just gave both away so I don't get a lottery's chance of being blown up by a stranger."  

Everything comes back to the fight or flight instinct and over-socialization industrialization docilification has made most men a herd of skitish sheep "bahing" for their Overlord Shepherd to protect them from the digitally recorded "howl' playing on CNN from the time they wake-up to the time they lay down in a bed of Ambian prescribed sleep.
hero member
Activity: 532
Merit: 500
June 21, 2015, 09:13:27 PM
#20
Security is more important than Privacy.
                                                                       
sr. member
Activity: 350
Merit: 250
June 21, 2015, 07:39:42 AM
#19
This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.

Yeah Linux, like best things in life, is free Smiley
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 21, 2015, 07:18:23 AM
#18
This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.

I use an air gapped linux to secure my Moneroj. More adaptable than a Trezor and you can play games on it.  Wink
full member
Activity: 165
Merit: 100
June 21, 2015, 04:30:26 AM
#17
This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 20, 2015, 07:46:39 PM
#16
There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalksearch.org/topic/m.11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.

Half of tor nodes are operated by government spy agencies and the rest are hackers trying to figure out who is doing what, I think that says it all, what we are doing with signed messages is eliminating all unnecessary communication over the internet and unsafe database storage of the passwords, a simple hash that verifies that you are you no email no tor that simple.

Gotcha, so your main concern is password security. As far TOR goes, I can't find a definitive article on how broke or unbroken it is, but it still is preferable (as far as privacy is concerned) than clear net and can be made better by certain practices, though I2P would be the preferred method for near/complete/better-than security.

I think I'm going to take some time tomorrow and see if i can't find some more definitive materials on TOR and perhaps I2P. I'd like to gather materials for the OP for quick reference for those who are interested in securing their finances and identification but aren't sure where to begin.

If anyone has any links they think would be useful, please post them. The more general or panoptic ones I'll try to include in the OP.
hero member
Activity: 794
Merit: 1000
Monero (XMR) - secure, private, untraceable
June 20, 2015, 05:18:49 PM
#15
^From https://torstatus.blutmagie.de/:
Quote
Total Number of Routers:   6716
It seems 2000$ per day would be enough for half the nodes.
full member
Activity: 673
Merit: 106
June 20, 2015, 03:35:09 PM
#14
There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalksearch.org/topic/m.11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.

Half of tor nodes are operated by government spy agencies and the rest are hackers trying to figure out who is doing what, I think that says it all, what we are doing with signed messages is eliminating all unnecessary communication over the internet and unsafe database storage of the passwords, a simple hash that verifies that you are you no email no tor that simple.
member
Activity: 68
Merit: 10
June 20, 2015, 11:11:01 AM
#13
There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalksearch.org/topic/m.11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 20, 2015, 07:29:56 AM
#12
There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalksearch.org/topic/m.11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?

sr. member
Activity: 350
Merit: 250
June 20, 2015, 07:10:52 AM
#11
There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.
legendary
Activity: 2156
Merit: 1131
June 20, 2015, 03:14:19 AM
#10
So all you are likely to get here are comments from n00bs that don't really know what is going on. Or general statements from experts who don't want to spill all the beans yet.

It is our duty to educate the noobs.
full member
Activity: 673
Merit: 106
June 20, 2015, 02:07:24 AM
#9
I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalksearch.org/topic/m.11617728


Marinecoin DEV
marinecoin.org
legendary
Activity: 1750
Merit: 1036
Facts are more efficient than fud
June 20, 2015, 01:31:51 AM
#8
For me , I think everyone will get his privacy when people start sharing their real life informations like Residence , Passport or ID/Driver licence.
https://bitcointalksearch.org/topic/bitcoin-exchanges-contradiction-1093168 , one other thing is simply using multiple adresses (different each transaction) like Satoshi said and then everyone will be fine . But for now seems like no one is doing that so yeah .. no privacy

I believe the problem with relying unquestioningly on multiple address use is that once one wallet is linked to an ID, then all the addresses can be linked to that address by analytic tools like this: https://www.elliptic.co/anti-money-laundering/ It may not link you to any crime, but may be enough to blacklist those wallets and make using those coins difficult (or force you to pay a premium to spend them) in certain jurisdictions. Or worse put you on an auditing list of your local tax collection agency.

A big part of privacy is unlinkability--either you have it, or you don't.
hero member
Activity: 686
Merit: 500
June 20, 2015, 01:22:57 AM
#7
sir rappelzreborn could say that to paypal for instances if they implement into bitcoin market the use into paypal to that currency coin would be good for more security.

not sure what you but We don't need any comapanies like Paypal, Google , Facebook, Twitter or other big famous website to start working with Bitcoin because they will screw it over and screw our privacy over , they will start asking for our real informations and it won't be decentralized shit anymore then your account gets limited most likely for using fake informations and your you won't see your BTC forever, we'ere just fine !
sr. member
Activity: 252
Merit: 250
June 20, 2015, 01:14:24 AM
#6
sir rappelzreborn could say that to paypal for instances if they implement into bitcoin market the use into paypal to that currency coin would be good for more security.
hero member
Activity: 686
Merit: 500
June 20, 2015, 01:03:04 AM
#5
For me , I think everyone will get his privacy when people start sharing their real life informations like Residence , Passport or ID/Driver licence.
https://bitcointalksearch.org/topic/bitcoin-exchanges-contradiction-1093168 , one other thing is simply using multiple adresses (different each transaction) like Satoshi said and then everyone will be fine . But for now seems like no one is doing that so yeah .. no privacy
Pages:
Jump to: