M.Hearn adds privacy depriority to Bitcoin XT, calls your Tor/Proxy/etc use "unimportant"
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.ht... https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f... Bitcoin XT contains an unmentioned addition which periodically downloads lists of Tor IP addresses for blacklisting, this has considerable privacy implications for hapless users which are being prompted to use the software. The feature is not clearly described, is enabled by default, and has a switch name which intentionally downplays what it is doing (disableipprio). Furthermore these claimed anti-DoS measures are trivially bypassed and so offer absolutely no protection whatsoever. ...
On Tue, Aug 18, 2015 at 7:07 PM grarpamp <grarpamp@gmail.com> wrote:
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.ht...
https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f...
Bitcoin XT contains an unmentioned addition which periodically downloads lists of Tor IP addresses for blacklisting, this has considerable privacy implications for hapless users which are being prompted to use the software. The feature is not clearly described, is enabled by default, and has a switch name which intentionally downplays what it is doing (disableipprio). Furthermore these claimed anti-DoS measures are trivially bypassed and so offer absolutely no protection whatsoever.
The feature is very clearly described on the BitcoinXT web site, and you're mischaracterizing it by saying BitcoinXT downloads the list "for blacklisting." It is a DoS protection feature that ONLY comes into play under overload. And yes, BitcoinXT considers Tor connections "less important" than non-anonymous connections during attacks. You may not agree that that's a good heuristic, but if that's your problem with it, say so.
"Anti-DoS attack improvements, by Mike Hearn. It's currently possible to jam a Bitcoin node by connecting to it repeatedly via different IP addresses, as there is a fixed limit on how many connections a node will accept. Once full, no other peers or wallets can connect to it any more and serving capacity for new nodes and P2P wallets is reduced. If the attack is repeated against every node, the entire network could become jammed. "This patch set introduces code that runs when a node is full and otherwise could not accept new connections. It labels and prioritises connections according to lists of IP ranges: if a high priority IP address connects and the node is full, it will disconnect a lower priority connection to make room. Currently Tor exits are labelled as being lower priority than regular IP addresses, as jamming attacks via Tor have been observed, and most users/merchants don't use it. In normal operation this new code will never run. If someone performs a DoS attack via Tor, then legitimate Tor users will get the existing behaviour of being unable to connect, but mobile and home users will still be able to use the network without disruption." Please specify how that is "misleading" or "downplaying."
On Fri, Aug 28, 2015 at 1:03 PM, Sean Lynch <seanl@literati.org> wrote:
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.ht... https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f...
you're mischaracterizing it Please specify how that is "misleading" or "downplaying."
No, go read and ask the former link's author from where it was directly quoted to specify.
say so
Ok, it's bullshit. Not least of which because Tor's measly 1000 exits are nothing in comparison to genuine "dDoS" by significant actors against Bitcoin, let alone the load from a million normal lusers and their lesser infected PC's, and everyone's tools they're using to interface with BTC. Nor will Tor amount to anything when banks and nation states start to get scared and attack digital currencies. Where's the blocking code for that and their IP ranges? You'll be lucky if users amount to anything there either. And the internet has already characterized Mike's seemingly apparent anti-privacy and corporate modes, but I'll let the net continue to sort that out. Happy now? ;) Tor users are humans too and as such hold the same rights as everyone else. Anyone who thinks otherwise can fuck off.
The feature is very clearly described on the BitcoinXT web site, and you're mischaracterizing it by saying BitcoinXT downloads the list "for blacklisting." It is a DoS protection feature that ONLY comes into play under overload. And yes, BitcoinXT considers Tor connections "less important" than non-anonymous connections during attacks. You may not agree that that's a good heuristic, but if that's your problem with it, say so. From https://bitcoinxt.software/patches.html: ... Please specify how that is "misleading" or "downplaying."
Because the XT stands for nsa-eXTensions. No really, Hearn is a joke, has been consistently working to weaken bitcoin since 2013. In any case nobody gives a dime about XT: https://bitbet.us/bet/1191/the-hearn-gavin-scamcoin-will-fizzle-in-2016/ But they are still trying to push the hardfork and other assorted shit in BIP100/BIP101 etc. On Tue, Aug 18, 2015 at 11:07 PM, grarpamp <grarpamp@gmail.com> wrote:
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.ht...
https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f...
Bitcoin XT contains an unmentioned addition which periodically downloads lists of Tor IP addresses for blacklisting, this has considerable privacy implications for hapless users which are being prompted to use the software. The feature is not clearly described, is enabled by default, and has a switch name which intentionally downplays what it is doing (disableipprio). Furthermore these claimed anti-DoS measures are trivially bypassed and so offer absolutely no protection whatsoever. ...
-- Brenda Fernández me@brendafernandez.com GPG: CE5BEE6C81FCA4D4 <http://pgp.mit.edu/pks/lookup?op=get&search=0xCE5BEE6C81FCA4D4>
participants (3)
-
Brenda Fernández -
grarpamp -
Sean Lynch