Date: Tue, 18 Aug 2015 21:08:01 -0400
Message-ID: <CANOOu=_8BA1REkjRA3OUU_UEk6iOkQDW7=C8bEByAFGF4KHrbg@mail.gmail.com>
From: Christophe Biocca <christophe.biocca@gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: [bitcoin-dev] Bitcoin XTs Tor IP blacklist downloading system has significant privacy leaks.

So I checked, and the code described *does not* run when behind a
proxy of any kind, including Tor:

https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23#diff-11780fa178b655146cb414161c635219R265

At least based on my admittedly weak understanding of how the internals work.

Hopefully I save the next reader of your post from also having to dig
around to find the code and realize this is a false alert.

On Tue, Aug 18, 2015 at 6:36 PM F L via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
> Bitcoin XT contains an unmentioned addition which periodically downloads
> lists of Tor IP addresses for blacklisting; this has considerable privacy
> implications for hapless users who are being prompted to use the
> software. The feature is not clearly described, is enabled by default, and
> has a switch name which intentionally downplays what it is doing
> (disableipprio). Furthermore these claimed anti-DoS measures are trivially
> bypassed and so offer absolutely no protection whatsoever.
>
> Connections are made over clearnet even when using a proxy or onlynet=tor,
> which leaks connections on the P2P network with the real location of the
> node. Knowledge of this traffic along with uptime metrics from
> bitnodes.io can allow observers to easily correlate the location and
> identity of persons running Bitcoin nodes. Denial of service can also be
> used to crash and force a restart of an interesting node, which will cause
> them to make a new request to the blacklist endpoint via the clearnet on
> relaunch at the same time their P2P connections are made through a proxy.
> Requests to the blacklisting URL also use a custom Bitcoin XT user agent
> which makes users distinct from other internet traffic if you have access
> to the endpoint's logs.
>
> https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23
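A check a node operator can run to test the claim disputed in this thread, added here as an example (it is not part of either message and is not Bitcoin XT code): it lists a process's established TCP connections that end anywhere other than the configured SOCKS proxy. The `ss -tnp`-style sample lines, the process name `bitcoind` and the proxy address `127.0.0.1:9050` are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample in the column layout of `ss -tnp`; not captured from a real node.
SAMPLE_SS_OUTPUT = """\
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 127.0.0.1:40112 127.0.0.1:9050 users:(("bitcoind",pid=4242,fd=31))
ESTAB 0 0 127.0.0.1:40118 127.0.0.1:9050 users:(("bitcoind",pid=4242,fd=33))
ESTAB 0 0 192.0.2.10:51544 203.0.113.80:443 users:(("bitcoind",pid=4242,fd=35))
ESTAB 0 0 192.0.2.10:38022 198.51.100.7:22 users:(("ssh",pid=5100,fd=3))
"""

# state, two queue counters, local endpoint, peer endpoint, owning process
LINE_RE = re.compile(
    r'^(?P<state>\S+)\s+\d+\s+\d+\s+(?P<local>\S+)\s+(?P<peer>\S+)\s+'
    r'users:\(\("(?P<proc>[^"]+)",pid=(?P<pid>\d+)'
)


def split_endpoint(endpoint):
    """Split 'host:port' (IPv6 hosts in [brackets]) into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def find_proxy_bypass(ss_text, process, proxy):
    """Return peer endpoints of `process` that are neither the proxy nor loopback."""
    proxy_ep = split_endpoint(proxy)
    leaks = []
    for line in ss_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["proc"] != process or m["state"] != "ESTAB":
            continue  # header line, other process, or not an established socket
        peer = split_endpoint(m["peer"])
        if peer == proxy_ep or peer[0].is_loopback:
            continue  # traffic handed to the proxy or kept on the host
        leaks.append(m["peer"])
    return leaks


if __name__ == "__main__":
    for peer in find_proxy_bypass(SAMPLE_SS_OUTPUT, "bitcoind", "127.0.0.1:9050"):
        print("direct (non-proxied) connection:", peer)
```

An empty result for the node process, sampled repeatedly across a restart, is what the reply's reading of the code predicts; any listed peer is a connection that did not go through the proxy.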