----- Original Message -----

From: Ted Smith <tedks@riseup.net> To: freedombox-discuss <freedombox-discuss@lists.alioth.debian.org> Cc: Sent: Tuesday, November 13, 2012 8:51 AM Subject: Re: [Freedombox-discuss] FreedomBox and Bitcoin (and the petition)

[...]

For reference, it's really, really, really hard to take web browsing and make it anonymous. Forcing every connection from browsers to go through Tor won't help you anywhere near as much as it does for Bitcoin. Bitcoin has already done 99% of the hard work building a protocol that is totally (as far as either of us can tell) anonymous if it's _just_ tunneled through Tor without any other filtering.

When I referred to "these" attacks going away, I was talking about implementations of the Kaminsky attack, or efforts to link an IP address with a transaction even without connecting to all nodes (say, making inferences from the data available at blockchain.info). Bitcoin behind Tor still isn't anonymous in many obvious ways. I refuse to respond to a phrase as fatuous as "totally anonymous", but if the system really protected its users' identity[1] in a practical way then the "coin taint" discussions and (unfortunately) implementations by some services would not be possible. Bitcoin is not Chaumian cash-- which _would_ give the user the kind of anonymity to protect against a self-destructive coin-tainting scheme since it's untraceable. Whatever definition of "totally anonymous" you're using, it is false. That is just one of the consequences of Bitcoin not being anonymous, and there are many other problems with transactions linking to user identity. You should have a look at http://bitcoin.org/ if you don't understand the technology and its (non-)features, and ask questions on a Bitcoin-specific list or forum for more information. -Jonathan [1] The Bitcoin-behind-Tor user is trusting that no one will care about the inferences that can be gleaned from a database that holds every single transaction ever made. Even in the best of circumstances where this user doesn't leak _any_ identifying information out of band, the "coin taint" problem shows that they cannot be immune to such an attack. Whether we like it or not, "coin that well-known Bitcoin service foo claimed was stolen" is mathematically provable, uniquely-identifying information that _will_ currently break that Bitcoin's fungibility. There have been ways proposed to address this, but it's sheer confusion to claim "total anonymity" for Bitcoin-behind-Tor in its current state. _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE