|
Title: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: zeroday on August 20, 2015, 02:42:37 PM Quote Bitcoin XT contains an unmentioned addition which periodically downloads Source: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.htmllists of Tor IP addresses for blacklisting, this has considerable privacy implications for hapless users which are being prompted to use the software. The feature is not clearly described, is enabled by default, and has a switch name which intentionally downplays what it is doing (disableipprio). Furthermore these claimed anti-DoS measures are trivially bypassed and so offer absolutely no protection whatsoever. Connections are made over clearnet even when using a proxy or onlynet=tor, which leaks connections on the P2P network with the real location of the node. Knowledge of this traffic along with uptime metrics from bitnodes.io can allow observers to easily correlate the location and identity of persons running Bitcoin nodes. Denial of service can also be used to crash and force a restart of an interesting node, which will cause them to make a new request to the blacklist endpoint via the clearnet on relaunch at the same time their P2P connections are made through a proxy. Requests to the blacklisting URL also use a custom Bitcoin XT user agent which makes users distinct from other internet traffic if you have access to the endpoints logs. https://github.com/bitcoinxt/bitcoinxt/commit/73c9efe74c5cc8faea9c2b2c785a2f5b68aa4c23 To conclude. NSA/CIA can run simple ddos attack which activates "Anti-DDOS" backdoor in XT client which blocks Tor connections and de-anonimyzes users by revealing their real IP addresses. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: knight22 on August 20, 2015, 02:45:37 PM So basically don’t use TOR if bitcoin is being DDOSed.
Gotcha. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: zeroday on August 20, 2015, 02:50:02 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. Your answer is pretty clear. So basically give up privacy. Gotcha. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: manselr on August 20, 2015, 02:50:52 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. What dumb workaround is this and how do you even know Bitcoin is being DDOSed in before hand? That just makes 0 sense. Also all the options are set on by default which will mean all noobs dont even know whats going on. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: croTek4 on August 20, 2015, 02:56:19 PM Zeroday is filling in for TurtleHurricane today.
Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: knight22 on August 20, 2015, 02:56:39 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. Your answer is pretty clear. So basically give up privacy. Gotcha. It's not giving up privacy. It’s not like bitcoin will always be under DDOS or there would be a problem. If that happens there are other means to achieve privacy anyway. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: zeroday on August 20, 2015, 03:18:56 PM It's not giving up privacy. It’s not like bitcoin will always be under DDOS or there would be a problem. If that happens there are other means to achieve privacy anyway. How will you comment this finding:Quote Connections are made over clearnet even when using a proxy or source: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-August/010379.htmlonlynet=tor, which leaks connections on the P2P network with the real location of the node. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: LiteCoinGuy on August 20, 2015, 03:21:09 PM Zeroday is filling in for TurtleHurricane today. ;) - maybe the turtle has two accounts Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: ChetnotAtkins on August 20, 2015, 03:28:48 PM One seriously has to wonder how some characters here still defend XT after all the recent revelations. Why exactly do you use/ like Bitcoin?
I for one view it as a decentralized monetary system, that allows me to store and transfer my wealth globally without any limitations of borders and jurisdictions while retaining complete privacy. If XT is a measure to undermine this fantastic invention then what does it say about the people who support it? Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: meono on August 20, 2015, 03:36:02 PM One seriously has to wonder how some characters here still defend XT after all the recent revelations. Why exactly do you use/ like Bitcoin? I for one view it as a decentralized monetary system, that allows me to store and transfer my wealth globally without any limitations of borders and jurisdictions while retaining complete privacy. If XT is a measure to undermine this fantastic invention then what does it say about the people who support it? Speak for yourself, some kind of character you got there Are you sure you dont have a mental issue? This is what you wrote, isnt it Already have there been dubious code segments detected in XT's code base. XT is a trojan horse that plans to base it's hostile takeover of Bitcoin on manipulating the notoriously stupid masses. I for one will dump ALL my Bitcoins immediately on the XT chain, should it ever be tradeable, which will certainly not be without effect. Bitcoin simply cannot be in control of two people with very questionable motives and tactics. It is a tool of the cypherpunks How are developers responding to this severe limitation of Bitcoin's usage. There are currently 72000 (!) unconfirmed transactions but it seems they don't really want to acknowledge it. Perhaps set a limit of tx/s to discourage spamming the mempool and block malicious nodes. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Elwar on August 20, 2015, 03:46:37 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code.
Why didn't they just keep the Core code except add the block size upgrade? Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Lauda on August 20, 2015, 03:51:47 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because the intentions of Hearn aren't pure. Obviously if it was only about the block size, then the XT client would only contain a increased block size limit. However it contains controversial patches that they call "bug fixes", all that were rejected when proposed to Core for being buggy and whatnot.Why didn't they just keep the Core code except add the block size upgrade? Also, it can't contain a 'backdoor', since it is open source. People just need to check the source code themselves to verify, which is different from the classic backdoors (usually within finished products). Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Sitarow on August 20, 2015, 03:52:54 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Why didn't they just keep the Core code except add the block size upgrade? I agree with you completely. As I have posted before. ""Bitcoin XT" is like getting Thrush in your mouth. This is the result of yeast permitted to overgrow as a result of taking antibiotics to destroy all good and bad bacteria in your body." Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: turvarya on August 20, 2015, 03:56:25 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because BitcoinXT exists since Jan 6, 2014Why didn't they just keep the Core code except add the block size upgrade? https://github.com/bitcoinxt/bitcoinxt/commits/master?page=100 Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Elwar on August 20, 2015, 04:01:08 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because BitcoinXT exists since Jan 6, 2014Why didn't they just keep the Core code except add the block size upgrade? https://github.com/bitcoinxt/bitcoinxt/commits/master?page=100 Yes, but the block size code was only recently added. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Thekool1s on August 20, 2015, 04:12:28 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. What dumb workaround is this and how do you even know Bitcoin is being DDOSed in before hand? That just makes 0 sense. Also all the options are set on by default which will mean all noobs dont even know whats going on. Exactly but few greedy people know what will happen at exact time ;) Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: turvarya on August 20, 2015, 04:55:13 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because BitcoinXT exists since Jan 6, 2014Why didn't they just keep the Core code except add the block size upgrade? https://github.com/bitcoinxt/bitcoinxt/commits/master?page=100 Yes, but the block size code was only recently added. Should they drop all their features, because people are to dumb to read? Oh, wait, they already made a version for that: https://github.com/bitcoinxt/bitcoinxt/tree/only-bigblocks Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: meono on August 20, 2015, 04:55:41 PM I think OP should edit the tittle of this thread now. Unless he is just a troll .... :-\
Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: turvarya on August 20, 2015, 05:01:26 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. What dumb workaround is this and how do you even know Bitcoin is being DDOSed in before hand? That just makes 0 sense. Also all the options are set on by default which will mean all noobs dont even know whats going on. Do you guys do any research ever? They same things are clarified over and over again, but seems like even long time members are just reading headlines. Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: meono on August 20, 2015, 05:06:41 PM So basically don’t use TOR if bitcoin is being DDOSed. Gotcha. What dumb workaround is this and how do you even know Bitcoin is being DDOSed in before hand? That just makes 0 sense. Also all the options are set on by default which will mean all noobs dont even know whats going on. Do you guys do any research ever? They same things are clarified over and over again, but seems like even long time members are just reading headlines. LOL right after you posted, an idiot showed up and did exactly that..... This forum never ceases to amaze me...... Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: Hazir on August 20, 2015, 05:09:22 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because XT developers are fulfilling government's mission to castrate bitcoin and change it to bring it in line with other payment methods.Why didn't they just keep the Core code except add the block size upgrade? Upgrading only block size with XT was never their only purpose. If this will go live we will have 'civil' version of bitcoin... Title: Re: Bitcoin XT has backdoor that may reveal real IP address of its users? Post by: meono on August 20, 2015, 05:31:09 PM I think a lot of people are changing their minds on XT after the addition of blacklisting code. Because XT developers are fulfilling government's mission to castrate bitcoin and change it to bring it in line with other payment methods.Why didn't they just keep the Core code except add the block size upgrade? Upgrading only block size with XT was never their only purpose. If this will go live we will have 'civil' version of bitcoin... another FUD? lol |