On Tue, Aug 18, 2015 at 7:07 PM grarpamp <[1]grarpamp@gmail.com> wrote:

     [2]http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-Augus
     t/010379.html
     [3]https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9
     c2b2c785a2f5b68aa4c23
     Bitcoin XT contains an unmentioned addition which periodically
     downloads
     lists of Tor IP addresses for blacklisting, this has considerable
     privacy
     implications for hapless users which are being prompted to use the
     software. The feature is not clearly described, is enabled by
     default,
     and has a switch name which intentionally downplays what it is doing
     (disableipprio). Furthermore these claimed anti-DoS measures are
     trivially bypassed and so offer absolutely no protection whatsoever.

   The feature is very clearly described on the BitcoinXT web site, and
   you're mischaracterizing it by saying BitcoinXT downloads the list "for
   blacklisting." It is a DoS protection feature that ONLY comes into play
   under overload. And yes, BitcoinXT considers Tor connections "less
   important" than non-anonymous connections during attacks. You may not
   agree that that's a good heuristic, but if that's your problem with it,
   say so.
   From [4]https://bitcoinxt.software/patches.html:
   "Anti-DoS attack improvements, by Mike Hearn. It's currently possible
   to jam a Bitcoin node by connecting to it repeatedly via different IP
   addresses, as there is a fixed limit on how many connections a node
   will accept. Once full, no other peers or wallets can connect to it any
   more and serving capacity for new nodes and P2P wallets is reduced. If
   the attack is repeated against every node, the entire network could
   become jammed.
   "This patch set introduces code that runs when a node is full and
   otherwise could not accept new connections. It labels and prioritises
   connections according to lists of IP ranges: if a high priority IP
   address connects and the node is full, it will disconnect a lower
   priority connection to make room. Currently Tor exits are labelled as
   being lower priority than regular IP addresses, as jamming attacks via
   Tor have been observed, and most users/merchants don't use it. In
   normal operation this new code will never run. If someone performs a
   DoS attack via Tor, then legitimate Tor users will get the existing
   behaviour of being unable to connect, but mobile and home users will
   still be able to use the network without disruption."
   Please specify how that is "misleading" or "downplaying."

References

   1. mailto:grarpamp@gmail.com
   2. http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.html
   3. https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23
   4. https://bitcoinxt.software/patches.html