Bitcoin Forum

Any idea?

https://pbs.twimg.com/media/EEAorBUUwAApnnM?format=jpg&name=large

On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well. The executives have not made any statements regarding the matter, and the reason behind it remains unknown.

READ MORE: https://www.cryptopolitan.com/tor-browser-increases-bitcoin-theft/

it doesn't---no more than using firefox does.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement. i'm not sure if regulators are specifically telling them to clamp down on TOR (or VPN) usage, or if they are just trying to be proactive to please them. but this seems like an underhanded attempt to discourage IP address obfuscation techniques.

I'd be surprised if any security flaws were detected when using a Tor browser.

Although there was a critical bug in Firefox a few months back (see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707) which was fixed immediately.

Hasn' t localbitcoins also just announced that new verification rules and KYC will be introduced in the near future?

looks fishy.  :D

@Darooghe but you just connected through Tor, didn't you? There' s no message coming up for me.



I suppose that's exactly what it's going to come down to.
After all, Tor is a thorn in the side of all authorities.

Same here I don't see any message from their website while using Tor Browser.

it seems that he is the only who can see this warning from localbitcoins.

@Darooghe

Why not try to update your tor browser and maybe you are using an older version of TOR browser that is why you are getting this warning from localbitcoins or maybe you are accessing a fake localbitcoins website?

If you are using the previous version much better to update them because it is vulnerable to any risk like bitcoin theft or data theft. That is why they keep inform users to use the latest version to avoid this issue.

Even if there is a warning or not, we should always remember, that as long as we are online and no matter what kind of security software

we are using whether its TOR, VPN, etc, there will always be  risks of our systems being compromised by intruders. So I encourage

everybody that we should always be security conscious and be more observant of our systems defenses. Actually, I'm not worried about

using TOR being compromised, I'm worried about the increasing sophistication of social engineering attacks which is more prevalent these

days. Imho.

I find such a warning just bullshit probably just away of trying to make Tor browser less popular. LocalBitcoins just recently started to become strict on KYC so what i think they are trying to do is discourage people from using Tor so that their Online presence is easily traceable.
Some People lose bitcoins to scammers anyways so long as they are connected to the web and are so careless.
- "No one is safe"
- "No system is safe"

No one is safe and we know that, but now I'm curious to see what's happening and why localbitcoins are acusing tor browser, for me it's doens't make any sense, I can't find a reason that tor is riskier than another browsers  ???

Lol nice try on Localbitcoin's side. That's not true at all. It looks like they're just desperately indirectly calling it sort of unsecure just so their users wouldn't attempt to hide their IPs using Tor. May it be for KYC/AML or better traceability reasons or for more accurate user statistics on their side. As far as I know they don't ban people for using Tor, so I really don't see any harm in using Tor when using Localbitcoins.

---

EDIT


Managed to let the message appear. It appears on the login page.

I don't think so, Tor increases privacy in general, and wallets that allow Coinjoin transaction use Tor by default in order to enhance privacy of bitcoin transactions. There are other factors that combine together and contribute to the privacy of users. I don't see any convincing reasons to judge that Tor increase risks of bitcoin theft, honestly.
Enhanced privacy with Wasabi & Samourai wallets (https://bitcointalk.org/index.php?topic=5184238.0)

i honestly can't think of any situation where using Tor would increase the chances of you losing your bitcoins that you are keeping on the same online machine compared to normal times when you are using that machine without Tor!
usually when sites make such claims they also should add a page to explain why they are saying it otherwise we end up speculating about their works with the governments which might be more correct than you may think.

I think they have their reasons for this since this browser is better than others when it comes to privacy. I doubt that people would be able to track your histories with this. It would not increase the possibility of being hacked but it would increase your time browsing since it is not that fast when it comes to that.

I don't believe this accusation, I incorporate privacy browser to my web search and browsing. I hope they are not going to accuse brave browser as the next, not safe browser.  It's possible localbitcoin wants to keep track of it users.

Well, I do not know if the Tor nodes might have something to do with that? I know it was reported that the 3l3tter agencies can run their own exit nodes and then use these nodes to track IP addresses, so if they are capable of doing that, then other people <hackers> might also be able to do that and once they have your IP Address, it will be easier to target Bitcoin owners.  ::)

The question is, why go through all that trouble, when you can simply target people that are not using Tor with their service? I think this is simply a scare tactic to try and influence people not to use Tor.  :P

I don't think it came from Tor because it is the most secure way of browsing.
My suspect is a 3rd party software which was the case of hacking of some ETH a year ago
where they hack the google DNS address and put the blame on etherium but the case was solved
and the real cause of hacking is finally found out it was not etherium fault rather it is from google DNS address.

I don't know why did they say that.

Does the Tor browser that I know in the past is not the same as the Tor browser right now?

It is true that most of the people use it to access the Dark/Deep Web but it is not that these hackers can access the computers being used right? Tor browser is known for that that is the reason why I used that in the past to access that "not-to-be-accessed" site as they told me. I think they are just giving warning and not a threat, right?

this is probably the first step towards outright banning TOR and VPN usage or closing accounts over it. bitstamp and poloniex already "limit" VPN usage, (https://www.coindesk.com/crypto-exchanges-should-take-a-hard-look-at-ip-address-masking-services) which presumably means you risk account closure by using them.

on localbitcoins, one can still trade at the lowest tier with a throwaway name, email and burner phone up to 1000 euro per year. already super low limits in my view, but i guess if you've got some time on your hands and a handful of burner phones, you can dodge their limits in a sort-of meaningful way? by obfuscating your IP.

Well I don't even think we should use something other than the Mozilla or Google ..

There are millions of browsers in the market and it is certainly not a good idea to go and try each and every one of them ..be safe and use secure ones acceptable all over the globe.

this is indeed quite confusing news. I think tor is one of the best browsers. however, if localbitcoin feels that tor browser can increase theft on bitcoin, then that also has the potential for other browsers right? however there is no truly secure system. we only need to pay attention to the defenses we have on the device we use. So far, I have not used a browser other than Google Chrome, and Firefox.

If it's true, people will now be more suspicious of localbitcoins, since they are lying to users in order to brake their privacy. This will push p2p trading towards decentralized exchanges, forums, telegram channels and so on. And then instead of having some Tor users and some clearnet users, they'll end up with less users overall, and regulators will have harder time spying on people.

tor will not increase nor decrease the possibility of bitcoin theft.
technically, I don't see how this can be true, and here is why:

1) Say some user choose to send traffic traverse thru Tor (via socks proxy localhost then transit its way on port 443 to LBC) via SSL engine embedded in Tor Browser
2) in some instance, this TLS session traffic enters into a monitoring exit node that logs and decrypts well known certs for meta-data extractions (like google services and other deep state firms)
3) since the private key generated x.509 cert request remained unknown, signed by CA, there is insufficient believe that 3rd party can decrypt the traffic on your LBC browing session on an Tor exit node.

However, if an website like LBC DO uses CDN service like akamia or cloudflare,etc; then things can go WRONG. This is true even for user NOT browsing with Tor:

4) Tor exit node output IP obfuscated traffic to CDN protecting or increase service capacity.  Any data you GET thru one of those CDN is not encrypted, (automatic MITM and with CDN SSL and NOT origin SSL Certs) in order for CDN to analysis and to provide filtered service. Reason being your traffic entering and exiting these node with non LBC SSL Certs.  And the session cache can be scrubbed to reveal your wallet, data, recovery seeds, password, as many other goodies with sensitive information like IP and other site you've sited (i.e blockchain.info, coinbase, any many others which also uses CDN like cloudflare).

5) CDN Exfiltrate this meta-data relating to your browsing session to a 3rd party, and re-encrypt to clear txt data to deliver the origin server that hosts actual LBC https://  content via public LBC web SSL Certs.  3rd party pays royalty to CDN like cloudflare, and in term they bragg and offers free unlimited protection for any web site.

Analysis
---------
a) 3rd party can be analytics or big data entities with deep fed banking darknet infrastructure as part of data "source" for on-going dragnet surveillance on it activity.
b) in 3, CDN most likely host origin server's authoritative resolver (acting as LBC DNS for example) and it keep logs and this statistics are normally packaged and for sale to CDN's associates and other interested 3rd Party ($$$)
c) Being existential, LBC may trade in your privacy for free LBC protection.  But since it needs to comply with BTCKYCBTC anyways to prevent being shut down, this is somewhat of a m00t point.

Now, do you see a pattern?

If this was for the benefit of their users would it not be helpful to tell them why it's unsafe? One doomy sentence is not really enlightening enough.

It's been weird watching Localbitcoins slowly lose it. They have a super established brand that they're slowly strangling. If I were them I'd split into one operation that still does custodial stuff and another that advertises trades but nothing else.

Tor browser doesn't increase Bitcoin theft, It's either you are using the wrong localbitcoin site or they are trying to stop their users from hiding their ip address.

I believe that something connected to internet will increase any theft or illegal activity. But i believe with tor browser it self, and not suspect it if i download/using tor browser from real developer. But i will suspect if i download browser from not trusted website/developer. For example, download from fishy website, so i wont used it. Worry if those browser include with keyloger,or something malware placed by fishy developer.

Is there not a possibility of man in the middle stuff by the exit node? I've only ever used Tor once and found it so slow I started to blub. Good job I'm not a paedophile or drug dealer as I'd have to quit those peccadilloes if my outlets had to use it.

I don't know, it does not seem true to me. Critical bugs can be a problem, especially with such projects that are not on top (obviously, there's way more budget to develop Chrome than Tor, so the latter is potentially more vulnerable because of being underfinanced. However, I don't think this was the point in this message. I think it's more about Tor being associated with illegal activities or something, and the problems of downloading files while using Tor and becoming exposed because of that. Plus, there might be some hackers looking specifically for Tor browser users, because they are way more likely to have some Bitcoins than people who use Chrome. But overall, I think the issue is overstated and Tor does not really increase the risks of having the funds stolen...

There is a thinking among the people, using tor browser will keep them unknown to the world as the network through which the respective transaction is made will be unknown forever. Tor browsers were much preferred by users who involve into illegal and other complicated businesses. One who have used to common browsers will easily get fed, because what we experience is a much slower process and darknet is completely under surveillance by top level hackers. This in some way makes usage of tor browsers a high risk practice of transacting cryptocurrencies.

Maybe what they're trying to say is that TOR users can take advantage of greater anonymity and try to scam you or steal from you physically when you agree to exchange with them? This doesn't mean that scammers aren't using other browsers.

 I agree that this is a stupid warning that will rather confuse new users and make them scared of using TOR but TOR is not the problem. The most important thing is to know how to keep your PC and your wallet safe.

It's pretty insulting. If anything, TOR users are safer on average because of NoScript, which protects against XSS attacks among other things.


Is that why they're so uptight -- because of the hosted wallet? I'd love it if there were a Craigslist style non-custodial trading site with LBC's amount of traffic. I could see it being tough to split their brand at this point, though.

This isn't true, how Tor do increases out bitcoin theft? LBC is just clearly or obviously doesn't like for its users to use up this browser. ;D

thats what i also think about    .  i knew tor before and tor is i think pretty simillar to vpn which protects your identity or to make you more anonymous  . people use these kind of tools in order to become safe for tracking so how can one say that it increases theft/btc theft  ?  

tor is also the browser that can be used to dive on the deepweb/darkweb right ? browsing those sites are dangerous or risky , this could be the other reason why they think it risky to use tor because diving those said sites are full of hackers  and spy

Don't just believe what you saw on the internet because i believe ToR is not the reason why Bitcoin would get stolen.
I think it is just a misleading information they made to prove something from the government or localbitcoins doesn't like people who uses VPN. ::)

Perhaps the former, every law enforcement agency are putting pressure on crypto exchanges this year and those people behind are caving in that's why recently they require KYC.

So I'm not surprise by the announcement though, if they want to continue with their business I guess they're going to follow the same path as other trading platform today, obey or shut down.

This is not true, except maybe from their point of view. One of the things Localbitcoins tells you is the country (ip) of the other party, of course if you use tor the ip is random, so you cannot tell. But that is stupid as anyone could be using a proxy or vpn to fake a country anyway...

Indeed this browser is merely Firefox with Tor bundled and some default settings changed.

And yes, the (silly) message is visible if you enter Localbitcoins from Tor (regardless of browser).

In 2019 the Tor project went with a very misleading image. Tor is Tor, their browser is their browser, they are separate, period. I do not agree with their revamped image. One thing does not mean the other, you can perfectly use Tor with any other browser, they will scare you of leaks, especially if you use something like Chrome which makes sense, but you can still use a secure browser that is not "The Tor Browser", via Tor. Get it?

The real Tor page is this one: http://2019.www.torproject.org/ notice the 2019 in front of the url.

Oh yes, it is possible to use Tor Browser without Tor, i won't tell you tho :)

It's possible, but since it comes with HTTPS Everywhere out of the box, I'd say it's a remote possibility. The possibility certainly isn't significant enough to conclude that Tor is inherently less safe than other popular browsers. Localbitcoins has been being increasingly hostile to anonymity for a while now, so such a move with no explanation is just them keeping up with that trend.

Maybe scammers do prefer to use Tor, like what has already been brought up, but it's not like using it yourself would leave you more vulnerable to them lol. Either way, it looks like using Tor isn't a ToS violation (https://twitter.com/LocalBitcoins/status/1171389555729154058) yet.

1) I use tor a lot

2) There is and continues to be an issue with:
   a) Malicious exit nodes. Yes, many people choose to say, it's safe but anyone with enough time and money can sniff all traffic and do a really good MITM attack with it.
   b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

3) As said before tor is different the the tor browser but explaining that to people is very difficult. Hell, the brave browser has a "connect with new private window & TOR" option.

I'm going out on a limb and saying this is LBC doing a cover their ass thing.

"Oh, look you connected using TOR, it's your fault, you don't get your BTC back. Next ticket"
It could be preemptive or it could be, they have seen a greater number of issues with TOR users and don't want to deal with it anymore.

-Dave

I didn't use this Tor browser anymore. So I don't have better idea about this one. If this one is good enough I will surely try for it. :)

Genuinely curious, what do you think the average person using Tor should set up to avoid getting attacked? Anyway, I agree with you that they're covering their ass, but more from regulatory pressure than anything else.


Missed this on my first post, but I thought I'd clarify: The Tor Browser is not (https://security.stackexchange.com/questions/124191/using-specific-firefox-profile-of-tor-instead-of-torbrowser) just Firefox with settings changed. Tor is geared towards anonymity.


I personally don't think it's ideal for regular browsing as it makes captchas hell and can be excruciatingly slow. Its primary use for anonymity, which some people might want for doing Bitcoin stuff.

Without bothering to provide some good explanation for such a warning, it can misconstrued that LocalBitcoins made the act maybe just to please some regulators or to make the platform detached from possible problems they think they might encounter in the future relative to the TOR browser. What is clear here is that many platforms are now starting to aligned with authorities so they can continue doing business with ease as we know that fighting can mean financial bleeding.

Malicious exit nodes mounting MITM attacks is a vector I hadn't considered before. I had been thinking of them mainly as surveillance adversaries. I'm not actually sure this is a legitimate concern, though. It seems like attackers could do more effective analysis on regular clearnet usage to mount more effective generalized attacks on a bigger population.

Maybe DaveF could elaborate on how targeted routing analysis would make such attacks more likely. My initial reaction is that users running NoScript and/or disabling JS should be much better protected against MITM attacks than average web users too, so that's another reason why average TOR browser users should be safer.

I have never opened the Tor browser to login or just trade. Because I am a person who is very careful with passwords and privacy. In essence, I am very careful with gaps that can make me lose.

I still can't believe such a reputable web browser. Everything is at risk. Our job is to control risk, I think tor will have a proof

Giving you a merit for a well written post. This is basically the same as some people freaking out about using public WIFI. Most sites these days use HTTPS and most of the data sent to the website is encrypted and its very difficult to decrypt this info unless you know the key which only the server possesses.

There are issues however with some data that isn't encrypted and depending on what site you are browsing. Some sites might have HTTPS for certain areas but not the entire site and that info is very easy to view. This is where some people who used those packet sniffers back in 2010 read some private info over public wifi such as in a University. However usernames, passwords and emails were always encrypted.

I think the caveat offered by Tor, historically related to extra-personal spending and other browsers related to FireFox are theoretically equally vulnerable. LOCALBITCOINS raises concerns about privacy tor

Be careful when using Tor. Operators maintain a registry of TOR users. That is, just downloading the browser, you get into the list. Files are sent through several servers to confuse those who want to track traffic. The last server in rare cases may be yours. If you're not lucky, "they may be accused of drug trafficking. Most of the Tor traffic comes from the Darknet. Your security and anonymity are at risk on sites without an SSL certificate. It’s better to avoid sites on http and only go where there is https.

This has been going for long, but lately it is ever a concern, as most sites switched to https anyway, and the exit node can do nothing about that.
HTTPS Everywhere is rather useless at this point in time, because, most sites already are https and there is no need to try force it anymore. Besides, those few sites that still don't have https, won't have it magically only because you have that add on. Thanks the EFF for the push tho.

Getting rid of scripts (i like umatrix more than noscript) is a solid move. Only while list trusted sites and at the same time get rid of the tracking garbage.

---

This is utter nonsense and you have no idea what you are talking about. Get informed before writing stuff first...

I don't think Tor can really help with that. You just have to be more careful.