----- Original Message ----- > From: Ted Smith <[email protected]> > To: "[email protected]" > <[email protected]> > Cc: > Sent: Monday, November 12, 2012 8:00 PM > Subject: Re: [Freedombox-discuss] FreedomBox and Bitcoin (and the petition) > > On Mon, 2012-11-12 at 14:13 -0800, Jonathan Wilkes wrote: > >> I'm with you so far. >> >> > >> > When the attacker has the IP address of a Bitcoin address, they're > one >> > step away from getting the underlying home address -- but they have to >> > go through either the legal system or an existing attack. That's > "one >> > step," but it's not an easy step. >> >> It's as easy as whichever of your so-called "work levels" is > available to the >> attacker. For example, work level 1 for the FBI or state law enforcement >> (or city law enforcement if you live in NY) is extremely easy. > > It might sound easy (propaganda from both sides of the privacy debate > have an interest in making it appear easy), but in reality, how many > people are employed full time in order for that to happen?
My initial point might not have been clear. To keep an ISP from spying it makes no sense to grab a different IP from the pool every time you view a web page-- this will not impede the ISP from reviewing their log of your activity if they chose (or were obliged) to do so. Similarly, if the Bitcoin user's intent is to keep the entire world from being able to tell which Bitcoin transactions are theirs, spawning a new address only protects them in the laziest of all possible worlds. If they use TAILS the logging I describe most likely goes away, but you didn't say it's a significant amount of work to spy on users of Bitcoin who are running it on TAILS-- we were talking about Bitcoin usage in general. In that case the user's IP can (and probably does in some cases on blockchain.info) get tied to the user's transaction. The ease with which the owner of that IP address can be revealed is a separate matter. Wrt FBX I suppose this wouldn't matter if FBX were being designed from the start to communicate exclusively over Tor, but that doesn't sound like the plan, so we have to assess the software in terms of how it works on the normal internet, even if TAILS solves all the problems I'm talking about (which I think it does). -Jonathan _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
