[tor-talk] Anonymous Publishing Is Dead.

Karel BĂ­lek kb at karelbilek.com
Mon Jul 2 06:09:49 PDT 2012


afaik, some people tracked down silk road, because they don't use
anonymization for bitcoin.

you can request some really small amount of money from silkroad to
your bitcoin address repeatedly, and then try to find their node in
p2p bitcoin network by heuriatics, based on how fast the information
comes from each node (the faster ones->closer to actual silkroad
node).

I heard it could be tracked this way and is in Netherlands ;)

anyway the moral of the story is to use bitcoin also with tor

k

On 7/2/12, Eugen Leitl <eugen at leitl.org> wrote:
> ----- Forwarded message from antispam06 at sent.at -----
>
> From: antispam06 at sent.at
> Date: Sun, 01 Jul 2012 18:39:33 +0200
> To: tor-talk at lists.torproject.org
> Subject: Re: [tor-talk] Anonymous Publishing Is Dead.
> X-Mailer: MessagingEngine.com Webmail Interface
> Reply-To: tor-talk at lists.torproject.org
>
> On Sun, Jul 1, 2012, at 14:20, Edward Thompson wrote:
>> 2. Email. I signed up for mailoo.org through Tor, I believe. But for all
>> practical purposes, you could easily get a disposable e-mail address
>> through a Firefox plugin called Bloody Vikings. Otherwise, pretty much
>> any web mail will do... just war drive and sign up through the first
>> open wi-fi connection you find ;)
>
> Hmm... I already do something like that. And I tell you that most free
> providers are a pain to work with. And that includes all the major
> players. They are all going to punish you with a long annoying
> reidentification which will prove zero security just because you change
> location. And they do have the time and computing power just to try to
> locate you any other possible way as their business model is tightly
> integrated with tracking and selling private data.
>
> Disposable email is good for accessing some resource once. Otherwise is
> a pain in the rear.
>
>> 3. Bitcoins. Yes, block chains are not that anonymous, especially
>> considering the difficulty of buying them legitimately in the first
>> place. How about a coin mixing service like www.bitcoinfog.com? Their
>> methodology is very interesting, and it seems like you'd be able to
>> 'launder' ordinary coins, bought legitimately through an exchange...
>> There are a few other sites like this one:
>> http://vzpzbfwsrvhfuzop.onion.to
>
> I spent some time reading about bitcoin. It's a miracle discovery. It's
> a proof about non conventional methods being able to compete with the
> conventional financial transaction type. But I fail to see the anonimity
> side of things. It's so nice. It's sooo geeky. It employs silly terms to
> scare the layman like mining. Or worse, it has terms with a clear
> equivalent in conventional finance like wallet. My grandma knows she can
> watch over her wallet and things would be all right. And if someone
> forces her she can go to the police station and declare the theft. Till
> version 0.6 there was no protection from theft with BC. Crap concept
> with junk application from the point of view of annonimity. Each time
> some conspiracy theorist starts making sense I remind myself that people
> (programmers are people, aren't they?) are above all stupid followed
> closely by lazy. Just take a look at the way FF is developed: in the era
> of Facebook developers are doing their best to shed MORE data instead of
> patching up the holes. By holes I don't mean Secunia security holes, but
> privacy holes.
>
>> 4. Do you really need your own dedicated VPS?! And only in developed
>> Western countries? Have you checked out this list of BTC-friendly
>> servers:
>
> Actually any service should be checked for its origin or place of doing
> business. Always remember the case of Hide My Ass which proved to be
> full of Holes if you allow such a gross joke. They weren't keeping logs
> till pressured. Than they said everybody is obliged under law to keep
> logs. And to prove the indolence of their users: they are still in
> business, trapping flies for the government. On the other hand, servers
> hosted outside the reach of certain totalitarian governments are blocked
> on the crime of spam or copyright infringement. If these were anything
> but hassle (see the problems with the free webmail above) yahoo and
> google would have offered email only between their users.
>
>> Anyway, my point is that there are ways to acquire BTC, randomised
>> enough not to be a concern, after which you can buy all the hosting (and
>> related) services your heart desires. And if your threat model
>> encompasses an organisation with vast resources, like the NSA for
>> example, consider that they haven't yet managed to track down the guys
>> running the Silk Road drug site (http://silkroadvb5piz3r.onion)... ;)
>
> Usually this kind of trafic is tolerated because they want to catch a
> bigger fish. Sometimes services like that are set up by the
> investigating authorities. And some other times they set it up
> independently just for the sake of compensating the budget restrictions
> (those drones are mighty expensive, mind you).
>
> Cheers
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> ----- End forwarded message -----
> --
> Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
> ______________________________________________________________
> ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
> 8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE





More information about the cypherpunks-legacy mailing list