1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <gmaxwell@gmail.com>) id 1XtojB-00023c-QL
for bitcoin-development@lists.sourceforge.net;
Thu, 27 Nov 2014 02:22:41 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.213.170 as permitted sender)
client-ip=209.85.213.170; envelope-from=gmaxwell@gmail.com;
helo=mail-ig0-f170.google.com;
Received: from mail-ig0-f170.google.com ([209.85.213.170])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1XtojB-000623-2V
for bitcoin-development@lists.sourceforge.net;
Thu, 27 Nov 2014 02:22:41 +0000
Received: by mail-ig0-f170.google.com with SMTP id r2so9487987igi.3
for <bitcoin-development@lists.sourceforge.net>;
Wed, 26 Nov 2014 18:22:35 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.107.168.18 with SMTP id r18mr31067288ioe.76.1417054955771;
Wed, 26 Nov 2014 18:22:35 -0800 (PST)
Received: by 10.107.18.65 with HTTP; Wed, 26 Nov 2014 18:22:35 -0800 (PST)
In-Reply-To: <20141127020947.A13D2E19A09@quidecco.de>
References: <CAJHLa0N6+hpwNECpHUSiKuj4-BYohh=Wr1DP=67Ff8xVBsi8-Q@mail.gmail.com>
<54760A50.201@riseup.net> <20141127020947.A13D2E19A09@quidecco.de>
Date: Thu, 27 Nov 2014 02:22:35 +0000
Message-ID: <CAAS2fgRSxBmyDg5R7WgisB-XmhrpGVKHXQpchtL-Ow0xDQAziA@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Isidor Zeuner <cryptocurrencies@quidecco.de>
Content-Type: text/plain; charset=UTF-8
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(gmaxwell[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1XtojB-000623-2V
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P
network paper
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 27 Nov 2014 02:22:41 -0000
> Since this attack vector has been discussed, I started making some
> measurements on how effective it is to connect to Bitcoin using Tor,
> and I found that the number of connections dropping to near-zero is
> a situation which occurs rather frequently, which suggests that there
> is still room to improve on the DoS handling.
I'm confused by this, I run quite a few nodes exclusively on tor and
chart their connectivity and have seen no such connection dropping
behaviour.
Can you tell me more about how you measured this?
[As an aside I agree that there are lots of things to improve here,
but the fact that users can in theory be forced off of tor via DOS
attacks is not immediately concerning to me because its a conscious
choice users would make to abandon their privacy (and the behaviour of
the system here is known and intentional). There are other mechanisms
available for people to relay their transactions than connecting
directly to the bitcoin network; so their choice isn't just abandon
privacy or don't use bitcoin at all.]
|
