Topic: Privacy Questions: Public Servers, TOR, VPN, etc. - page 2. (Read 544 times)
If you want to use Bitcoin with more privacy, use Bitcoin + multi altcoin Coinomi desktop wallet from British Virgin Islands - www.coinomi.com - they use their own servers and have only network fees. Plus they have built in exchange and debit card support for crypto buying. Or if you want 100% privacy, use Monero altcoin desktop wallet with stealth receiving addresses - http://featherwallet.org
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc. (also the desktop hot wallet apps) run through TOR (if I am running TOR on my desktop, or even running Brave)? I have not been able to dig up that info myself. Is running TOR when using these apps even worthwhile, or is a VPN good enough?
You can run Trezor through Tor. You can even run it in fully Trustless mode by not relying on Trezor's servers and downloading and running your own instead.Ledger currently has no Tor option as far as I know, unless you are running it in Whonix and doing the Tor part yourself. Even then, I would not trust them because it is not fully Open Source.
My top suggestion is still the first. Open Source hardware, Open Source software, no Third Parties.
-
Regards,
PrivacyG
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled?
You are most likely talking about steganography, which is a practice of hiding the fact that you are hiding something. CoinJoin transactions and centralized mixing services have a certain fingerprint: it is sometimes very easy to tell common transactions from "special" ones aimed at obfuscation of transaction source and destination. Steganography is the opposite of that: it makes all transactions look similar; it is a great tool that helps you get lost in the crowd: among 'normal' people who don't care their privacy is being infringed. How do you hide the fact that you're interested in preserving your confidentiality? The answer is swaps. CoinSwaps, Monero swaps, different kinds of swaps, where you exchange your history with people you don't know. In the blockchain, a swap appears like a regular transaction, usually like a self-transfer, but it almost always involves changing ownership over particular coins. I trade my bitcoin for Monero, then trade that Monero for someone else's bitcoin, effectively breaking the traceability of my transactions by replacing them with someone else's transactions.
Another option is to use RoboSats to swap on chain bitcoin for Lightning bitcoin, or vice versa.To do that, you are going to need a software called SatStack.
Alternatively, if you are running your own node anyway, then you can interact with your hardware wallet via either Electrum or Sparrow which is pointed at your own node or Electrum server to maintain privacy. 
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc. (also the desktop hot wallet apps) run through TOR (if I am running TOR on my desktop, or even running Brave)? I have not been able to dig up that info myself.
Ledger Live doesn't have a TOR on/off switch integrated into the app, but there is a way to take advantage of TOR features with Ledger Live as well. You can run your own Bitcoin onion node and connect that with your Ledger Live client. To do that, you are going to need a software called SatStack. The idea is to not connect to Ledger servers and the explorers they use. Read this article for more information if you are interested:
https://support.ledger.com/hc/en-us/articles/5989580852125-Don-t-doxx-your-UTXOs?docs=true
SatStack GitHub page:
https://github.com/LedgerHQ/satstack/releases/tag/v0.17.0
Setup instructions:
https://github.com/LedgerHQ/satstack#manual-setup-for-advanced-users
1) I have read here at BTCTalk that public servers (when transmitting BTC) can read entire wallet histories, thereby lowering privacy. If I use a VPN and/or TOR, would the first public server node likely be in "my area" (if I connect my VPN to Singapore and I'm actually in Spain for example)?
2) Similarly to above, if I run another transaction later that day, is it likely that that second tx be picked up by that same public server? Or better to switch the VPN exit to Malaysia?
2) Similarly to above, if I run another transaction later that day, is it likely that that second tx be picked up by that same public server? Or better to switch the VPN exit to Malaysia?
None of that matters. I think you're overvaluing the method by which you connect to servers, hoping that your method of connecting is helping you remain private and secure. It's not.
For example; if you are always changing your IP through Tor or VPN, but always connect to the same server, that server operator knows it's the same wallet connecting every time despite the different IP addresses. Connecting to different public SPV servers every time only distributes your transactions to more server operators, increasing the potential that someone will use the data to target you. There's no method of connecting to a public server that will guaranty your privacy.
Realistically, the only way to privately use a wallet that needs an SPV server connection is to run your own server. Electrum Personal Server is easy to use, very light, and will provide you the privacy you seek.
3) If the above does NOT help my privacy much, perhaps storing BTC quietly in various wallets (seeds + passwords) help? My issue here is that I want to be able to conveniently remember where all my BTC is without having to remember 10 wallets (w/ seeds and passwords).
That could help, but it seems like a lot of trouble. It would be much easier to just use Bitcoin Core as your main wallet, and effectively achieve the same results. Core doesn't need to connect to SPV servers, and if you use each address only once then you're taking full advantage of Bitcoin's inherent privacy features.
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled? Or run each UTXO afterwards through various further transactions (hops?) to hide the trail? Does that term "hop" mean a transaction that just moves those BTC a bit further along?
Not that I know of, but you could use a P2P exchange to trade your bitcoin for bitcoin with a different transaction history. Personally, I use Bisq to do just that. I trade my bitcoin for Monero, then trade that Monero for someone else's bitcoin, effectively breaking the traceability of my transactions by replacing them with someone else's transactions.
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc. (also the desktop hot wallet apps) run through TOR (if I am running TOR on my desktop, or even running Brave)? I have not been able to dig up that info myself. Is running TOR when using these apps even worthwhile, or is a VPN good enough?
I can only speak about Electrum, Sparrow, and Trezor Suite since they're the only ones I've used extensively. All will allow Tor connections, but you need Tor running as a service. If you have the Tor Projects browser installed it'll run Tor as a service while the browser is running, but it shuts down the Tor background service as soon as you close all the browser windows. Tor Project's website has instructions on how to run Tor as a background service for Windows and Linux. It's a very light daemon, and uses very few resources, so there's no reason not to have it running by default as soon as the computer boots up.
Good luck.
...
Thank you all very much for your answers, lots of food for thought. Good stuff.
If I think of other related issues, I'll pass them along.
Thank you all very much for your answers, lots of food for thought. Good stuff.
If I think of other related issues, I'll pass them along.
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled?
There's obviously not a direct, straight answer to this, because each individual can recognize mixed coins in different manner. What might be mixed might not look mixed, and what might not be mixed might look mixed. A coinjoin is definitely going to look mixed, because there are like hundreds of inputs, which create hundreds of outputs. Reputable mixers are going to give you seemingly mixed coins as well.Why do you want that? The point of mixing coins is to have them looking mixed. It's not to look you're the owner of someone else's coins. It's to just obfuscate.
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled?
I've seen few member suggest using mixer or coinjoin which doesn't create specific output amount and only involve few participant (for coinjoin). But i don't know whether if you can actually deceive blockchain analysis service with such method.
Or run each UTXO afterwards through various further transactions (hops?) to hide the trail? Does that term "hop" mean a transaction that just moves those BTC a bit further along?
AFAIK "hop" means creating multiple transaction which has chain shape.
Code:
TX0 -> TX1 -> TX2 -> ...
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc.
From your questions you seem to want to avoid getting your transactions / addresses get linked together.
And then for this point I will add that SPV wallets (like Electrum or like Ledger Live) will most probably help others link your addresses together, since they ask from their server the history/latest transactions for many addresses of your wallet.
So imho a good approach for your privacy is to have your own Bitcoin node (and for your HW it's not that hard to install an Electrum server on top of that for local use, and use Electrum wih your HW and your local server).
1. Is likely an "it depends" relayed by used to be something that was easy to track when the network was smaller. Nowadays I don't think it is - it's likely a bunch of miners/pools get most of these requests. Also, from the UK my connection to Germany and Ireland is of similar round trip time to that of Singapore and Japan (~80ms).
2. It might do something if you enable location moving or autoconnect, but there's a good chance it'll do nothing too. There's also a chance you'll make yourself more traceable if you're not using tor (which generally selects "random" routes)
3. Hardware wallets did well to teach me you don't need 10 different nmemonics for 10 different wallets you can either utilise different nmemonic extensions or different derivation paths to generate different wallets. Remembering what each are for might be hard (especially if there's 10 or more) but you can put a lot of hints in the wallet file name and potentially add descriptions (such as labelling the first address in electrum).
4. Afaik coinjoin is meant to make it look like your coins haven't been mixed. The downside to using it is that the other person or people in the join might've mixed their funds before the transfer was done. There's ways to break the chain thoggh (such as by using bisq to convert to an altcoin and then convert it back later on on a different non kyc exchange). There are likely mixers out there that don't look like mixers too, bitmixer.io used to handle their withdrawals like an exchange did so they were really hard to track without having someone determined enough.
5. I have a trezor and connect trezor suite through tør and it works fine. I don't know about ledger but I assume it works the same - both of those hardware wallets can run through electrum too where they can also be used over tor. (I don't remember is electrum has onion nodes or if you're just meant to use the proxy settings for tor though - I used to run tor browser and proxy through that, it's easier to set up than it sounds).
2. It might do something if you enable location moving or autoconnect, but there's a good chance it'll do nothing too. There's also a chance you'll make yourself more traceable if you're not using tor (which generally selects "random" routes)
3. Hardware wallets did well to teach me you don't need 10 different nmemonics for 10 different wallets you can either utilise different nmemonic extensions or different derivation paths to generate different wallets. Remembering what each are for might be hard (especially if there's 10 or more) but you can put a lot of hints in the wallet file name and potentially add descriptions (such as labelling the first address in electrum).
4. Afaik coinjoin is meant to make it look like your coins haven't been mixed. The downside to using it is that the other person or people in the join might've mixed their funds before the transfer was done. There's ways to break the chain thoggh (such as by using bisq to convert to an altcoin and then convert it back later on on a different non kyc exchange). There are likely mixers out there that don't look like mixers too, bitmixer.io used to handle their withdrawals like an exchange did so they were really hard to track without having someone determined enough.
5. I have a trezor and connect trezor suite through tør and it works fine. I don't know about ledger but I assume it works the same - both of those hardware wallets can run through electrum too where they can also be used over tor. (I don't remember is electrum has onion nodes or if you're just meant to use the proxy settings for tor though - I used to run tor browser and proxy through that, it's easier to set up than it sounds).
...
Please forgive n00bishness of these questions, but I (and perhaps others) would appreciate knowing more. Please also excuse me if my terminology is incorrect, but I believe the point of each question is clear enough. I ask these as a non-tech person, seeking to enhance my privacy in an easy as possible way. I am not in a position to run my own node for example. Even SparrowWallet looks daunting (ie their coinjoin feature), as do the websites offering coinjoin services.
1) I have read here at BTCTalk that public servers (when transmitting BTC) can read entire wallet histories, thereby lowering privacy. If I use a VPN and/or TOR, would the first public server node likely be in "my area" (if I connect my VPN to Singapore and I'm actually in Spain for example)?
2) Similarly to above, if I run another transaction later that day, is it likely that that second tx be picked up by that same public server? Or better to switch the VPN exit to Malaysia?
3) If the above does NOT help my privacy much, perhaps storing BTC quietly in various wallets (seeds + passwords) help? My issue here is that I want to be able to conveniently remember where all my BTC is without having to remember 10 wallets (w/ seeds and passwords).
And for that matter...:
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled? Or run each UTXO afterwards through various further transactions (hops?) to hide the trail? Does that term "hop" mean a transaction that just moves those BTC a bit further along?
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc. (also the desktop hot wallet apps) run through TOR (if I am running TOR on my desktop, or even running Brave)? I have not been able to dig up that info myself. Is running TOR when using these apps even worthwhile, or is a VPN good enough?
Thank you for your comments!
Please forgive n00bishness of these questions, but I (and perhaps others) would appreciate knowing more. Please also excuse me if my terminology is incorrect, but I believe the point of each question is clear enough. I ask these as a non-tech person, seeking to enhance my privacy in an easy as possible way. I am not in a position to run my own node for example. Even SparrowWallet looks daunting (ie their coinjoin feature), as do the websites offering coinjoin services.
1) I have read here at BTCTalk that public servers (when transmitting BTC) can read entire wallet histories, thereby lowering privacy. If I use a VPN and/or TOR, would the first public server node likely be in "my area" (if I connect my VPN to Singapore and I'm actually in Spain for example)?
2) Similarly to above, if I run another transaction later that day, is it likely that that second tx be picked up by that same public server? Or better to switch the VPN exit to Malaysia?
3) If the above does NOT help my privacy much, perhaps storing BTC quietly in various wallets (seeds + passwords) help? My issue here is that I want to be able to conveniently remember where all my BTC is without having to remember 10 wallets (w/ seeds and passwords).
And for that matter...:
4) Is there any way to coinjoin/mix/whatever so that the output does NOT LOOK tumbled? Or run each UTXO afterwards through various further transactions (hops?) to hide the trail? Does that term "hop" mean a transaction that just moves those BTC a bit further along?
5) Do the desktop hardware wallet apps for Ledger, Trezor, BitBox, etc. (also the desktop hot wallet apps) run through TOR (if I am running TOR on my desktop, or even running Brave)? I have not been able to dig up that info myself. Is running TOR when using these apps even worthwhile, or is a VPN good enough?
Thank you for your comments!
Jump to: