From: Andrew LeCody <andrewlecody@gmail.com>
Date: Tue, 18 Aug 2015 23:56:51 +0000
Message-ID: <CAEX2NSdrGO3DDevJYwgweM=s_V1D6t1JE_FWU1WiAPFS69-T_w@mail.gmail.com>
To: F L <bitcoin@hellokitty.com.sg>, bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Bitcoin XTs Tor IP blacklist downloading system
 has significant privacy leaks.


This should probably be posted on the BitcoinXT mailing-list, as Bitcoin
Core does not currently include this feature.

On Tue, Aug 18, 2015 at 6:36 PM F L via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> Bitcoin XT contains an unmentioned addition which periodically downloads
> lists of Tor IP addresses for blacklisting, this has considerable privacy
> implications for hapless users which are being prompted to use the
> software.  The feature is not clearly described, is enabled by default, and
> has a switch name which intentionally downplays what it is doing
> (disableipprio).  Furthermore these claimed anti-DoS measures are trivially
> bypassed and so offer absolutely no protection whatsoever.
>
> Connections are made over clearnet even when using a proxy or onlynet=tor,
> which leaks connections on the P2P network with the real location of the
> node.  Knowledge of this traffic along with uptime metrics from
> bitnodes.io can allow observers to easily correlate the location and
> identity of persons running Bitcoin nodes.  Denial of service can also be
> used to crash and force a restart of an interesting node, which will cause
> them to make a new request to the blacklist endpoint via the clearnet on
> relaunch at the same time their P2P connections are made through a proxy.
> Requests to the blacklisting URL also use a custom Bitcoin XT user agent
> which makes users distinct from other internet traffic if you have access
> to the endpoint's logs.
>
>
>
> https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23
>
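
An added example, not part of this thread or of Bitcoin XT's code: one way for a node operator to check for the leak the quoted message describes, by flagging established connections from the node process that go somewhere other than the configured proxy. The process name `bitcoind`, the proxy `127.0.0.1:9050`, the listen port 8333 and the sample `ss -tnp` output are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ss -tnp` output for a node configured with
# proxy=127.0.0.1:9050; addresses are documentation ranges, not real hosts.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port  Process
ESTAB  0      0      127.0.0.1:51234      127.0.0.1:9050     users:(("bitcoind",pid=1234,fd=20))
ESTAB  0      0      127.0.0.1:51240      127.0.0.1:9050     users:(("bitcoind",pid=1234,fd=21))
ESTAB  0      0      192.0.2.10:40112     203.0.113.7:443    users:(("bitcoind",pid=1234,fd=22))
ESTAB  0      0      192.0.2.10:52000     198.51.100.9:22    users:(("sshd",pid=800,fd=4))
ESTAB  0      0      [::1]:8333           [::1]:47010        users:(("bitcoind",pid=1234,fd=23))
"""

# state, two queue counters, local endpoint, peer endpoint, owning process name
LINE = re.compile(
    r'^(?P<state>\S+)\s+\d+\s+\d+\s+(?P<local>\S+)\s+(?P<peer>\S+)\s+'
    r'users:\(\("(?P<proc>[^"]+)"'
)

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def find_proxy_bypass(ss_output, process, proxy, listen_port=8333):
    """Return peers the process talks to directly instead of via the proxy."""
    proxy_ip, proxy_port = split_endpoint(proxy)
    leaks = []
    for line in ss_output.splitlines():
        m = LINE.match(line)
        if not m or m["state"] != "ESTAB" or m["proc"] != process:
            continue  # header line, other state, or another process
        local_ip, local_port = split_endpoint(m["local"])
        peer_ip, peer_port = split_endpoint(m["peer"])
        if (peer_ip, peer_port) == (proxy_ip, proxy_port):
            continue  # traffic handed to the SOCKS proxy
        if local_port == listen_port and peer_ip.is_loopback:
            continue  # inbound connection delivered locally (e.g. by a hidden service)
        leaks.append(f"{peer_ip}:{peer_port}")
    return leaks

if __name__ == "__main__":
    for peer in find_proxy_bypass(SAMPLE_SS, "bitcoind", "127.0.0.1:9050"):
        print("direct connection bypassing proxy:", peer)
```

A one-off snapshot can miss a short-lived HTTP fetch, so the same check is more useful run repeatedly around node startup or backed by a firewall rule that only lets the node's user reach the proxy port.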
