Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id B899B7AA for ; Tue, 18 Aug 2015 23:57:01 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi0-f41.google.com (mail-oi0-f41.google.com [209.85.218.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 0E67E214 for ; Tue, 18 Aug 2015 23:57:01 +0000 (UTC) Received: by oiew67 with SMTP id w67so91878764oie.2 for ; Tue, 18 Aug 2015 16:57:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-type; bh=tKn31XBw6NiiTwS1RofI4hVPV4uPxbAPlxuryEM7Bks=; b=eWuen5jGxda/8D8a1NF0jc6VZB1VVwgHHrjnd3GHfu83x6J6SHBcjbnxom+r7ecsHj 0TBWAmbrgpXK0Ze/hi6bqX7T9wOYMZ33Q8Wd5DVTm3zWzDWOAJUeJR+4JlPN2ZQi/5z7 UJ3knbbgrcV8vDN4/JYOu1UYjqbsYdP+0AVy7YboCXIJfW4fH3uOm0Qyff1C6fxQgjkW urQlTlQm5rEZqJwuCsDTKPh/jUiCge6MYhXwnPIveFojJe7fRZa9lCEELbRXskgsVVVw fxyhy76WVR7gm1XVuQoz8HkGmiYT8UOrN4I8m9JY9z1V3tfWA7k2j0qsUe63lM2sI2iT Q1eQ== X-Received: by 10.202.78.67 with SMTP id c64mr7901504oib.48.1439942220523; Tue, 18 Aug 2015 16:57:00 -0700 (PDT) MIME-Version: 1.0 References: <20150818233130.7A22815F000@c-in3ws--03-03.sv2.lotuslive.com> In-Reply-To: <20150818233130.7A22815F000@c-in3ws--03-03.sv2.lotuslive.com> From: Andrew LeCody Date: Tue, 18 Aug 2015 23:56:51 +0000 Message-ID: To: F L , bitcoin-dev@lists.linuxfoundation.org Content-Type: multipart/alternative; boundary=001a11c16a988d2f9e051d9eacb2 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Bitcoin XTs Tor IP blacklist downloading system has significant privacy leaks. X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Aug 2015 23:57:01 -0000 --001a11c16a988d2f9e051d9eacb2 Content-Type: text/plain; charset=UTF-8 This should probably be posted on the BitcoinXT mailing-list, as Bitcoin Core does not currently include this feature. On Tue, Aug 18, 2015 at 6:36 PM F L via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Bitcoin XT contains an unmentioned addition which periodically downloads > lists of Tor IP addresses for blacklisting, this has considerable privacy > implications for hapless users which are being prompted to use the > software. The feature is not clearly described, is enabled by default, and > has a switch name which intentionally downplays what it is doing > (disableipprio). Furthermore these claimed anti-DoS measures are trivially > bypassed and so offer absolutely no protection whatsoever. > > Connections are made over clearnet even when using a proxy or onlynet=tor, > which leaks connections on the P2P network with the real location of the > node. Knowledge of this traffic along with uptime metrics from > bitnodes.io can allow observers to easily correlate the location and > identity of persons running Bitcoin nodes. Denial of service can also be > used to crash and force a restart of an interesting node, which will cause > them to make a new request to the blacklist endpoint via the clearnet on > relaunch at the same time their P2P connections are made through a proxy. > Requests to the blacklisting URL also use a custom Bitcoin XT user agent > which makes users distinct from other internet traffic if you have access > to the endpoints logs. > > > > https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23 > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --001a11c16a988d2f9e051d9eacb2 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
This should probably be posted on the BitcoinXT mailing-li= st, as Bitcoin Core does not currently include this feature.

On Tue, Aug 18, 2015 at 6:36 PM F L = via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
=
Bitcoin XT contains an unmentioned addition which periodically downloads l= ists of Tor IP addresses for blacklisting, this has considerable privacy im= plications for hapless users which are being prompted to use the software.= =C2=A0 The feature is not clearly described, is enabled by default, and has= a switch name which intentionally downplays what it is doing (disableippri= o).=C2=A0 Furthermore these claimed anti-DoS measures are trivially bypasse= d and so offer absolutely no protection whatsoever.

Connections are made over clearnet even when using a proxy or onlynet=3Dto= r, which leaks connections on the P2P network with the real location of the= node.=C2=A0 Knowledge of this traffic along with uptime metrics from bitnodes.io can allow obser= vers to easily correlate the location and identity of persons running Bitco= in nodes.=C2=A0 Denial of service can also be used to crash and force a res= tart of an interesting node, which will cause them to make a new request to= the blacklist endpoint via the clearnet on relaunch at the same time their= P2P connections are made through a proxy.=C2=A0 Requests to the blacklisti= ng URL also use a custom Bitcoin XT user agent which makes users distinct f= rom other internet traffic if you have access to the endpoints logs.=C2=A0<= /div>

=C2=A0

_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--001a11c16a988d2f9e051d9eacb2--