š
Original date posted:2014-12-01
š Original message:Hi Gregory,
response below quote:
> > Since this attack vector has been discussed, I started making some
> > measurements on how effective it is to connect to Bitcoin using Tor,
> > and I found that the number of connections dropping to near-zero is
> > a situation which occurs rather frequently, which suggests that there
> > is still room to improve on the DoS handling.
>
> I'm confused by this, I run quite a few nodes exclusively on tor and
> chart their connectivity and have seen no such connection dropping
> behaviour.
>
> Can you tell me more about how you measured this?
>
When you say "running exclusively on Tor", what do you mean exactly?
Do you also connect or allow connections through hidden services?
I made outbound connections through Tor exit points the only way to
connect to Bitcoin, and increased the number of allowed outbound
connection in order to get more meaningful values.
Lately, I could see unusual behaviour at:
* 2014-11-28 13:14 UTC
* 2014-11-25 07:32 UTC
* 2014-11-24 13:06 UTC
Anything I should look into?
> [As an aside I agree that there are lots of things to improve here,
> but the fact that users can in theory be forced off of tor via DOS
> attacks is not immediately concerning to me because its a conscious
> choice users would make to abandon their privacy (and the behaviour of
> the system here is known and intentional). There are other mechanisms
> available for people to relay their transactions than connecting
> directly to the bitcoin network; so their choice isn't just abandon
> privacy or don't use bitcoin at all.]
>
I think this issue is more important than it seems.
Firstly, when running Tor-only, there are still attack vectors which
make use of the DoS protection deficiencies.
Secondly, if we tell people not to connect directly if they want
privacy, how do we ensure that these indirect methods will not come
with implications for their privacy?
Best regards,
Isidor
Isidor Zeuner [ARCHIVE] /
npub1wzā¦2jvxz
2023-06-07 15:27:38
in reply to nevent1qā¦6nq4
Author Public Key
npub1wz2sm8h4ylh9dn28688vjzwrmhaxnh3jl04p8jk3qeq7umwf8cus72jvxzPublished at
2023-06-07 15:27:38Event JSON
{
"id": "bccee982894c9ee8b5478a8cc8de9af7edc3a5707af15c288ded621676ad1f04",
"pubkey": "70950d9ef527ee56cd47d1cec909c3ddfa69de32fbea13cad10641ee6dc93e39",
"created_at": 1686151658,
"kind": 1,
"tags": [
[
"e",
"aa6f4a583b3a6686edd3886328939a36834ecf395b67c0a67ebdec900123a41a",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "š
Original date posted:2014-12-01\nš Original message:Hi Gregory,\n\nresponse below quote:\n\u003e \u003e Since this attack vector has been discussed, I started making some\n\u003e \u003e measurements on how effective it is to connect to Bitcoin using Tor,\n\u003e \u003e and I found that the number of connections dropping to near-zero is\n\u003e \u003e a situation which occurs rather frequently, which suggests that there\n\u003e \u003e is still room to improve on the DoS handling.\n\u003e\n\u003e I'm confused by this, I run quite a few nodes exclusively on tor and\n\u003e chart their connectivity and have seen no such connection dropping\n\u003e behaviour.\n\u003e\n\u003e Can you tell me more about how you measured this?\n\u003e\n\nWhen you say \"running exclusively on Tor\", what do you mean exactly?\nDo you also connect or allow connections through hidden services?\n\nI made outbound connections through Tor exit points the only way to\nconnect to Bitcoin, and increased the number of allowed outbound\nconnection in order to get more meaningful values.\n\nLately, I could see unusual behaviour at:\n\n* 2014-11-28 13:14 UTC\n* 2014-11-25 07:32 UTC\n* 2014-11-24 13:06 UTC\n\nAnything I should look into?\n\n\u003e [As an aside I agree that there are lots of things to improve here,\n\u003e but the fact that users can in theory be forced off of tor via DOS\n\u003e attacks is not immediately concerning to me because its a conscious\n\u003e choice users would make to abandon their privacy (and the behaviour of\n\u003e the system here is known and intentional). There are other mechanisms\n\u003e available for people to relay their transactions than connecting\n\u003e directly to the bitcoin network; so their choice isn't just abandon\n\u003e privacy or don't use bitcoin at all.]\n\u003e\n\nI think this issue is more important than it seems.\n\nFirstly, when running Tor-only, there are still attack vectors which\nmake use of the DoS protection deficiencies.\n\nSecondly, if we tell people not to connect directly if they want\nprivacy, how do we ensure that these indirect methods will not come\nwith implications for their privacy?\n\nBest regards,\n\nIsidor",
"sig": "5312b00dbea884cb43e40fc5e4e4c1211e8a852d5c5f563e3ff1eee23d1aa22c6a23da93aed4163efdb888ccf7639dade3e3c78bd4ad5602df965a406e3a5105"
}