Pages:
Author

Topic: "You should assume your IP address can be associated with you.." -Gavin Anderson (Read 4920 times)

legendary
Activity: 4760
Merit: 1283

Speaking of TOR, this just popped up on my fixture news search tab:

  http://in.reuters.com/article/2014/07/22/cybercrime-conference-talk-tor-idINKBN0FR05V20140722

The banking crisis of the 2007-ish timeframe was partially solved by changing the accounting rules for banks (or allowing certain rules to not be ignored and assets 'marked to model') which kept banks in the banks balance sheets in the black or close enough.  It looks to me like the robustness for purpose for TOR might be solved in a substantively different but equally ludicrous manner.

sr. member
Activity: 266
Merit: 250

Or you could use blockchain.info and use TOR to connect to blockchain.info

I've never been able to fully access the wallet section of blockchain.info using TOR, anybody else had these problems?

Though TOR is not safe anymore itself unless you are taking multiple other steps with it together.

If you look at cases where people have been identified when using TOR it's because they either had the stupid idea of logging into personally identifiable accounts at the same time as logging onto other sites they shouldn't be on.

People who assume TOR itself will keep you hidden are naive and wrong, how can one piece of software hide your identity if your foolish enough to do something like log into Facebook while on Silk Road?

Always assume someone is watching and prepare from that. That's why Bitcoin is so great, sure you can say address x did x transaction at y time, but you can't prove address x belongs to me unless I've confirmed ownership somewhere else. You could even apply this rule to IP addresses, sure that IP address is mine but can you prove it was it was me on my machine? For all you know it could have been a relative staying over or someone who decided to crack my AP and abuse it.

Tor traffic and messages are suppose to be encrypted and randomly routed to the destination. Meaning logging in silk road and facebook at the same time shouldn't compromise the user identity.
If you log into both from the same computer then an attacker could potentially do a timing attack against you.

In order for TOR to work best, it is important that you do not use any other browsers to programs connected to the internet when using TOR.
legendary
Activity: 1358
Merit: 1000
you have to be encrypting the data on your computer while offline and then sending it online with the end user already knowing how to decrypt the

data having met u in person and being provided with the decryption method their is no other possible way for it to be secure

also assuming your encryption method is strong enough not to be cracked

and when your encrypting the data offline you have to be sure their isn't a dormant process running that will deliver stored content

when your computer comes online, also yes your ip packet will always be identifiable,

can someone post a screen shot of an packet delivered on the tor network

the bitcoin blockchain is supposed to be secure because it cannot be reproduced

which is a combination of network power and encryption
full member
Activity: 185
Merit: 100

Or you could use blockchain.info and use TOR to connect to blockchain.info

I've never been able to fully access the wallet section of blockchain.info using TOR, anybody else had these problems?

Though TOR is not safe anymore itself unless you are taking multiple other steps with it together.

If you look at cases where people have been identified when using TOR it's because they either had the stupid idea of logging into personally identifiable accounts at the same time as logging onto other sites they shouldn't be on.

People who assume TOR itself will keep you hidden are naive and wrong, how can one piece of software hide your identity if your foolish enough to do something like log into Facebook while on Silk Road?

Always assume someone is watching and prepare from that. That's why Bitcoin is so great, sure you can say address x did x transaction at y time, but you can't prove address x belongs to me unless I've confirmed ownership somewhere else. You could even apply this rule to IP addresses, sure that IP address is mine but can you prove it was it was me on my machine? For all you know it could have been a relative staying over or someone who decided to crack my AP and abuse it.

Tor traffic and messages are suppose to be encrypted and randomly routed to the destination. Meaning logging in silk road and facebook at the same time shouldn't compromise the user identity.

legendary
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
Was their an article or something orignaly ?
OP now just says "X" - I assume their was something more exciting relating to an article or blog post or some thing worth discussing ?

Kinda annoyed I missed it. If anyone can link that would be great Smiley ??

Thanks peoples
hero member
Activity: 661
Merit: 502

Or you could use blockchain.info and use TOR to connect to blockchain.info

I've never been able to fully access the wallet section of blockchain.info using TOR, anybody else had these problems?

Though TOR is not safe anymore itself unless you are taking multiple other steps with it together.

If you look at cases where people have been identified when using TOR it's because they either had the stupid idea of logging into personally identifiable accounts at the same time as logging onto other sites they shouldn't be on.

People who assume TOR itself will keep you hidden are naive and wrong, how can one piece of software hide your identity if your foolish enough to do something like log into Facebook while on Silk Road?

Always assume someone is watching and prepare from that. That's why Bitcoin is so great, sure you can say address x did x transaction at y time, but you can't prove address x belongs to me unless I've confirmed ownership somewhere else. You could even apply this rule to IP addresses, sure that IP address is mine but can you prove it was it was me on my machine? For all you know it could have been a relative staying over or someone who decided to crack my AP and abuse it.
member
Activity: 98
Merit: 10
★☆★Bitin.io★☆★
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
You could really just use TOR to use bitcoin. As long as an adversary doesn't previously suspect that you are using bitcoin then you have basically 0 chance of any kind of timing attack

That is probably the simplest solution. I must admit I don't know how to connect my wallet to TOR but this discussion has inspired me to find out.

From the TOR Wiki

Quote
Run bitcoind with -proxy=127.0.0.1:9050 (or whatever your SocksPort is).
bitcoind will detect that you are using a proxy on 9050 and will force the "nolisten" flag. If you are not running tor on 9050, you need to set "nolisten" manually otherwise you will listen on your public IP and possibly reveal that you are running a node.

Thanks for sharing that. I don't do anything illegal or even suspicious with bitcoin but I value my privacy. I also have a healthy fear of hackers seeing that I run a node. 
legendary
Activity: 1974
Merit: 1029
I've never been able to fully access the wallet section of blockchain.info using TOR, anybody else had these problems?

I periodically fire up Tails (ie. tor) to mix my coins via blockchain.info's service. No problem so far.
hero member
Activity: 910
Merit: 530
$5 24k Gold FREE 4 sign-up! Mene.com/invite/h5ZRRP

Or you could use blockchain.info and use TOR to connect to blockchain.info

I've never been able to fully access the wallet section of blockchain.info using TOR, anybody else had these problems?

Though TOR is not safe anymore itself unless you are taking multiple other steps with it together.
hero member
Activity: 815
Merit: 1000
Well an IP is simply a number associated with a certain cable output. If said cable goes to your house.. well of course that IP can be tied to you, its basically an electronic address!

Add to that google, facebook and NSA datamining and I hope its not a surprise to anyone ever.
member
Activity: 84
Merit: 10
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
A) I don't want to go to the library every time I use bitcoins.

Also, they can track wallets. (I believe)
So you'd have to generate a new wallet AND use a crappy library internet connection. :I
hero member
Activity: 560
Merit: 500
★777Coin.com★ Fun BTC Casino!
I wonder if this is true for electrum wallets?

Definitely NOT if you're running electrum with a VPN connected.

Also, IP addresses are NOT stored in the blockchain.
newbie
Activity: 45
Merit: 0
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
You could really just use TOR to use bitcoin. As long as an adversary doesn't previously suspect that you are using bitcoin then you have basically 0 chance of any kind of timing attack

That is probably the simplest solution. I must admit I don't know how to connect my wallet to TOR but this discussion has inspired me to find out.
You need to have your wallet program connect to the Vidalia proxy via localhost (in proxy settings)

Or you could use blockchain.info and use TOR to connect to blockchain.info
hero member
Activity: 700
Merit: 500
Still this is the type of thing that totally hurts the idea that bitcoin is really anonymous which is a big selling point on bitcoin.  Well better to know than not know I guess. But still I wasn't aware of this.
hero member
Activity: 661
Merit: 502
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
You could really just use TOR to use bitcoin. As long as an adversary doesn't previously suspect that you are using bitcoin then you have basically 0 chance of any kind of timing attack

That is probably the simplest solution. I must admit I don't know how to connect my wallet to TOR but this discussion has inspired me to find out.

From the TOR Wiki

Quote
Run bitcoind with -proxy=127.0.0.1:9050 (or whatever your SocksPort is).
bitcoind will detect that you are using a proxy on 9050 and will force the "nolisten" flag. If you are not running tor on 9050, you need to set "nolisten" manually otherwise you will listen on your public IP and possibly reveal that you are running a node.
sr. member
Activity: 406
Merit: 250
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
You could really just use TOR to use bitcoin. As long as an adversary doesn't previously suspect that you are using bitcoin then you have basically 0 chance of any kind of timing attack

That is probably the simplest solution. I must admit I don't know how to connect my wallet to TOR but this discussion has inspired me to find out.
member
Activity: 83
Merit: 10
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
You could really just use TOR to use bitcoin. As long as an adversary doesn't previously suspect that you are using bitcoin then you have basically 0 chance of any kind of timing attack
member
Activity: 98
Merit: 10
★☆★Bitin.io★☆★
Why not just go to the library lol

I don't want to go to the library every time I buy or send bitcoins. A VPN that doesn't keep logs is a much simpler solution. 
full member
Activity: 159
Merit: 100
Why not just go to the library lol
full member
Activity: 210
Merit: 100
 x

Its not too difficult to change your IP before broadcasting transactions or after broadcasting a transaction:

http://whatismyipaddress.com/change-ip - Requires you to insert a different MAC Addresses into your router homepage and unplug it for 5 mins.
https://www.privateinternetaccess.com/ - Bitcoin Accepted here!!

Edit: Clarity

The issue here is the ISP has log which can point it to you if someone want to spy on you.

Changing IP doesn't solve the problem.
If you are using a VPN that you are certain does not keep logs then a transaction that you broadcast would be associated with the VPN's IP address and the absence of logs would make it difficult/impossible to link the VPN back to you.

Another solution would be to use TOR, as the transaction would be associated with the TOR exit node and I don't think there are any attacks on TOR that can be done to find someone's identity via TOR that can be done retroactively.
Pages:
Jump to: