Bitcoin Forum
November 11, 2024, 06:30:33 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Privacy and Security  (Read 1812 times)
generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 20, 2015, 05:20:27 AM
Last edit: June 25, 2015, 04:42:12 AM by generalizethis
 #1

This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

Privacy (personal security) is much like nutrition in that you not only need to read the label, but understand what you are looking for. And as with nutrition, you must not only be vigilant but learn new behaviors to stay as healthy as possible.

If you are running Windows, this is a good way to find out how infected your computer is:
malwaretips.com/blogs/malware-removal-guide-for-windows/

Most complete article I've found on the ins and outs TOR*:
lifehacker.com/how-can-i-stay-anonymous-with-tor-1498876762

Very general comparison of TOR, Freenet, and I2P:
null-byte.wonderhowto.com/inspiration/anonymity-networks-dont-use-one-use-all-them-0133881/

Guide to setting up I2P:
https://rebuildingalexandria.wordpress.com/2012/02/21/secure-and-anonymous-file-sharing-using-torrents-on-the-i2p-network-library-nu-exiles-take-a-look/


*I'd like something more current, but this should indicate how hard good security can be and that TOR, like any tool, should be wielded with skill and preferably with the most recent version. If you have an updated link for securing your TOR connection, please post and I will include it in the OP.

chennan
Legendary
*
Offline Offline

Activity: 1316
Merit: 1004


View Profile
June 20, 2015, 05:43:39 AM
 #2

This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.


About privacy: Always new receiving address and new change address, you can use VPN to hide your IP as well.
https://bitcoin.org/en/protect-your-privacy

About Security: Always set up long passphase including number, charactor and captial. Back up your wallet!
https://bitcoin.org/en/secure-your-wallet

TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
June 20, 2015, 05:44:50 AM
 #3

There is myriad of potential improvements being discussed and worked on in back channels that I doubt any of those entities is going to discuss here until it has been announced by the various entities that are working on solutions.

So all you are likely to get here are comments from n00bs that don't really know what is going on. Or general statements from experts who don't want to spill all the beans yet.

For example, the failure to point out that the following suggestion will not be effective against the national security agencies (which are likely now functionaries for future tax clawbacks):

About privacy: Always new receiving address and new change address, you can use VPN to hide your IP as well.
https://bitcoin.org/en/protect-your-privacy

generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 20, 2015, 05:59:36 AM
 #4

There is myriad of potential improvements being discussed and worked on in back channels that I doubt any of those entities is going to discuss here until it has been announced by the various entities that are working on solutions.

So all you are likely to get here are comments from n00bs that don't really know what is going on. Or general statements from experts who don't want to spill all the beans yet.

For example, the failure to point out that the following suggestion will not be effective against the national security agencies (which are likely now functionaries for future tax clawbacks):

About privacy: Always new receiving address and new change address, you can use VPN to hide your IP as well.
https://bitcoin.org/en/protect-your-privacy

But now a privacy-noob sees (or at least I hope they do) that this is a flawed technique and can move toward a better understanding of privacy. Some of this stuff has been hard-coded into their psyches by endless repetition from weekend privacy warriors or Bitcoin supremacist who either don't know the error of their methods or are too invested to correct them in a meaningful way.

RappelzReborn
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500



View Profile
June 20, 2015, 06:03:04 AM
 #5

For me , I think everyone will get his privacy when people start sharing their real life informations like Residence , Passport or ID/Driver licence.
https://bitcointalk.org/index.php?topic=1093168.0 , one other thing is simply using multiple adresses (different each transaction) like Satoshi said and then everyone will be fine . But for now seems like no one is doing that so yeah .. no privacy

muhrohmat
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250


View Profile
June 20, 2015, 06:14:24 AM
 #6

sir rappelzreborn could say that to paypal for instances if they implement into bitcoin market the use into paypal to that currency coin would be good for more security.

RappelzReborn
Hero Member
*****
Offline Offline

Activity: 686
Merit: 500



View Profile
June 20, 2015, 06:22:57 AM
 #7

sir rappelzreborn could say that to paypal for instances if they implement into bitcoin market the use into paypal to that currency coin would be good for more security.

not sure what you but We don't need any comapanies like Paypal, Google , Facebook, Twitter or other big famous website to start working with Bitcoin because they will screw it over and screw our privacy over , they will start asking for our real informations and it won't be decentralized shit anymore then your account gets limited most likely for using fake informations and your you won't see your BTC forever, we'ere just fine !

generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 20, 2015, 06:31:51 AM
 #8

For me , I think everyone will get his privacy when people start sharing their real life informations like Residence , Passport or ID/Driver licence.
https://bitcointalk.org/index.php?topic=1093168.0 , one other thing is simply using multiple adresses (different each transaction) like Satoshi said and then everyone will be fine . But for now seems like no one is doing that so yeah .. no privacy

I believe the problem with relying unquestioningly on multiple address use is that once one wallet is linked to an ID, then all the addresses can be linked to that address by analytic tools like this: https://www.elliptic.co/anti-money-laundering/ It may not link you to any crime, but may be enough to blacklist those wallets and make using those coins difficult (or force you to pay a premium to spend them) in certain jurisdictions. Or worse put you on an auditing list of your local tax collection agency.

A big part of privacy is unlinkability--either you have it, or you don't.

marine4u
Full Member
***
Offline Offline

Activity: 673
Merit: 106


View Profile
June 20, 2015, 07:07:24 AM
Last edit: June 20, 2015, 07:18:35 AM by marine4u
 #9

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalk.org/index.php?topic=1089959.msg11617728#msg11617728


Marinecoin DEV
marinecoin.org
superresistant
Legendary
*
Offline Offline

Activity: 2156
Merit: 1131



View Profile
June 20, 2015, 08:14:19 AM
 #10

So all you are likely to get here are comments from n00bs that don't really know what is going on. Or general statements from experts who don't want to spill all the beans yet.

It is our duty to educate the noobs.
kazuki49
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
June 20, 2015, 12:10:52 PM
 #11

There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.
generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 20, 2015, 12:29:56 PM
 #12

There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalk.org/index.php?topic=1089959.msg11617728#msg11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?


hf100
Member
**
Offline Offline

Activity: 68
Merit: 10


View Profile
June 20, 2015, 04:11:01 PM
 #13

There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalk.org/index.php?topic=1089959.msg11617728#msg11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.

LISK    Develop Decentralized Applications & Sidechains in JavaScript with Lisk!
marine4u
Full Member
***
Offline Offline

Activity: 673
Merit: 106


View Profile
June 20, 2015, 08:35:09 PM
 #14

There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalk.org/index.php?topic=1089959.msg11617728#msg11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.

Half of tor nodes are operated by government spy agencies and the rest are hackers trying to figure out who is doing what, I think that says it all, what we are doing with signed messages is eliminating all unnecessary communication over the internet and unsafe database storage of the passwords, a simple hash that verifies that you are you no email no tor that simple.
equipoise
Hero Member
*****
Offline Offline

Activity: 794
Merit: 1000


Monero (XMR) - secure, private, untraceable


View Profile WWW
June 20, 2015, 10:18:49 PM
 #15

^From https://torstatus.blutmagie.de/:
Quote
Total Number of Routers:   6716
It seems 2000$ per day would be enough for half the nodes.

About me | zRMicroArray - phase 2 - Gene Expression Analysis software | [Weed Like to Talk - Bulgaria] Start a wave of cannabis seminars in Europe | Monero weighted average price stats: moneroprice.i2p
BTC: 1KoCX7TWKVGwqmmFw3CKyUSrKRSStueZar | NMC: NKhYEYpe1Le9MwHrwKsdSm5617J4toVar9 | XMR (Tip me a beer OpenAlias Monero address): tip.changetheworldwork.com
[XMR] Monero - A secure, private, untraceable cryptocurrency: 4AyRmUcxzefB5quumzK3HNE4zmCiGc8vhG6fE1oJpGVyVZF7fvDgSpt3MzgLfQ6Q1719xQhmfkM9Z2u NXgDMqYhjJVmc6KX
generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 21, 2015, 12:46:39 AM
 #16

There is no freedom without privacy, the implications of cryptocurrencies who do not respect the masses privacy are not being taken with the necessary care in a broader sense outside small communities which are shun away as "altcoins". Is a (remote) chance of getting rich by virtue of an early investment all it will take for we exchange our financial integrity in a transparent blockchain? If people accept it the TPTB may as well make the Bitcoin value skyrocket and adopt it everywhere on their system, a removal of the 21m cap will be just the beginning, mining power would shift very fast to their control as they have most of the IRL money and resources after all and the common person cannot really afford ASICs, their dystopic 1984 reality will finally come true.

To feed your healthy paranoia: https://www.youtube.com/watch?v=GIus7lm_ZK0

I wrote a long boring article few days ago about exchange privacy which is by far the major privacy leak in crypto as of today, I have also worked out a solution with signed message verification of withdrawals from exchanges, please take your time to read it and tell me what you think so that I can make improvements based on suggestions.

  • The case for the Elliptic Curve verification of withdrawal without email
https://bitcointalk.org/index.php?topic=1089959.msg11617728#msg11617728


Marinecoin DEV
marinecoin.org

I took a quick run through and love that you aren't using email (though I wonder if you couldn't use encrypted email for some communication), but I don't think I read anything about TOR or I2P integration. Believe you would need some sort of integration to achieve high-level security. Was speed reading, so maybe I went too far too fast?



I thought there was a vulnerability recently found in Tor that leaves it open to man in the middle attacks. I don't know if it's any use to the tax authorities, but they might pay professionals to exploit it if they thought they could make money from it.

Half of tor nodes are operated by government spy agencies and the rest are hackers trying to figure out who is doing what, I think that says it all, what we are doing with signed messages is eliminating all unnecessary communication over the internet and unsafe database storage of the passwords, a simple hash that verifies that you are you no email no tor that simple.

Gotcha, so your main concern is password security. As far TOR goes, I can't find a definitive article on how broke or unbroken it is, but it still is preferable (as far as privacy is concerned) than clear net and can be made better by certain practices, though I2P would be the preferred method for near/complete/better-than security.

I think I'm going to take some time tomorrow and see if i can't find some more definitive materials on TOR and perhaps I2P. I'd like to gather materials for the OP for quick reference for those who are interested in securing their finances and identification but aren't sure where to begin.

If anyone has any links they think would be useful, please post them. The more general or panoptic ones I'll try to include in the OP.

1986
Full Member
***
Offline Offline

Activity: 165
Merit: 100


View Profile
June 21, 2015, 09:30:26 AM
 #17

This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.
generalizethis (OP)
Legendary
*
Offline Offline

Activity: 1750
Merit: 1036


Facts are more efficient than fud


View Profile WWW
June 21, 2015, 12:18:23 PM
 #18

This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.

I use an air gapped linux to secure my Moneroj. More adaptable than a Trezor and you can play games on it.  Wink

kazuki49
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
June 21, 2015, 12:39:42 PM
 #19

This is a general discussion on how to best achieve Privacy and Security with cryptocurrencies. At the moment I'm not imposing moderation, but if spam, trolling, or FUD gets to a point where meaningful discussion is impossible, the thread will be moderated or terminated.

malwaretips.com/blogs/malware-removal-guide-for-windows/


Best solution: don't use windows. I was sick of getting viruses all the time so switched to ubuntu. It's 99% safer in my opinion and the liklihood of getting a virus is next to nothing. Plus, I much prefer linux anyway and you can download ubuntu for free. You can boot it from a cd-r or usb as well without installing it so you can text it out to see if you like it.

Yeah Linux, like best things in life, is free Smiley
Ingatqhvq
Hero Member
*****
Offline Offline

Activity: 532
Merit: 500



View Profile
June 22, 2015, 02:13:27 AM
 #20

Security is more important than Privacy.
                                                                       
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!