Hello there, quote: > Please see also the following: > > https://cpunks.org//pipermail/cypherpunks/2014-November/005971.html >
I agree about the severity of the Tor/Bitcoin issue, but I see no point in bashing Bitcoin's financial privacy characteristics as the linked pages seem to do. Bitcoin can be useful as a part of a strategy to improve on privacy, but it does not intend to be a run-and-forget solution for doing so. A lot of issues found in this context can actually be traced back to Tor's characteristics already known before. It's just that Bitcoin makes Tor's deficiencies more measurable - before Bitcoin, those interested in researching how Tor performs in an automated context where a much smaller community. In the end, I guess both projects can benefit from the research we can do now. > Respect, > > - -Odinn > > Jeff Garzik: > > I don't recall being contacted directly, but the attack has been > > discussed. It relies on a number of conditions. For example, if > > you are over Tor, they try to kick the machine off Tor, _assuming_ > > that it will fall back to non-Tor. That's only true for dual stack > > nodes, which are not really 100% anonymous anyway -- you're > > operating from your public IP anyway. > > Generally, it cannot be said that the attack vector described here is irrelevant for non-dual-stack nodes. An attacker might not be able to collect IP addresses of Tor-only nodes, but he can try to kick the users from all Tor exit nodes he does not control, and proceed with other attacks when a large number of Tor-only users connect through his Tor exit node(s). Since this attack vector has been discussed, I started making some measurements on how effective it is to connect to Bitcoin using Tor, and I found that the number of connections dropping to near-zero is a situation which occurs rather frequently, which suggests that there is still room to improve on the DoS handling. Best regards, Isidor ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
