have a look here https://en.bitcoin.it/wiki/Setting_up_a_Tor_hidden_service

regards,

science

The bitcoin wiki is unfortunately very outdated.


Sorry but I don't quite understand your post. Are you saying that Tor Browser software installed WannaCry virus on your computer? can you give more details? I just don't get it, how that's even possible?

I use Tor to bypass proxies because I don't feel like paying an VPN etc, I have used for years and I've never heard anything like that...

About the US funding Tor project... yes rather strange, but at the end of the day they use Tor too. I've always heard conspiracy theories like that but no proof of anything. If it's open source, who cares who is funding it?

So, you are trying to use the bundled Tor from Tor Browser rather than a dedicated Tor daemon?  This is not recommended.

IIRC, the default TCP port for Tor Browser’s Tor’s SOCKSPort is 127.0.0.1:9150, which explains why Bitcoin could not connect to port 9050.  On Linux, at least, recent versions of Tor Browser may even use a UNIX domain socket rather than a TCP socket.  But I’m not even sure what it does by default, since I use Tor Browser with an external Tor daemon on a network-isolating gateway.  I would need to search—I recommend that you do so, if you really want to use Tor Browser’s Tor.

If you want to add another SOCKSPort to Tor Browser, look for Browser/TorBrowser/Data/Tor/torrc.  See the Tor manual page for documentation of SOCKSPort.  Be aware that this will probably (?) be wiped out when you upgrade Tor Browser.

It is strongly recommended that you set up a separate Tor daemon for your Bitcoin.  I recommend doing so on a gateway which isolates the internal network; this affirmatively prevents all leaks of your “real” IP address, whether malicious or accidental.  Many applications leak horribly, doing direct DNS lookups even when they purport to accept SOCKS proxy settings.  You can set up a Tor gateway on a cheap computer with two Ethernet ports, or using VMs within the same physical machine.  On FreeBSD, the jail subsystem provides a lightweight means to achieve this.  N.b. that if you use a separate Tor daemon with Tor Browser, it requires some muttered incantations to disable Tor Browser’s bundled Tor; and you must do this to avoid “Tor-over-Tor”, which will harm your anonymity as well as killing performance.

I was using vidalia.exe that comes with a proxy server (privoxy.exe) directly from win-sockets within my code to pull pages from
all over the internet and I am sure many of these site would be pushing viruses that rely on javascript and browser exploits but thats
not going to infect a machine that's not browsing and is simply parsing the HTML from the pages and nothing else was even running
on the machine because it was dedicated to this simple task when it picked up WannaCry

No I am not 100% sure it must had been Tor itself but I would say 99% sure this is what happened

My reason for scanning the internet via Tor was to count the number of active web-sites in use that are not just
domain parked or are using 302 redirects back to central servers and part of the process was fooling google search to
give up a few of it's secrets or else they cut you off if you do too many searches.

Believe me I was a big time fan of Tor before this happened, nice tool in the box but look around and you will find
other cracks that people are talking about and also note that the number of exit nodes always stays at around 300
and the other draw back is they have all become well known and blocked by most sites.

I ran Tor once as an exit node and it got little to no traffic and I know this because I was running my own version of
Wireshark on the machine so again I say that all is not as it seems.

So if you don't like Tor, what else do you recommend? what's there besides a decent VPN? any services you recommend?

I just don't like the idea of not using something when broadcasting a transaction. You are making a transaction through your real IP, this doesn't seem too safe. But then again Tor doesn't seem too safe too from what im reading, I also don't want to host anything that could incriminate me somehow, I've read people running Tor nodes that never did anything wrong, ended up raided somehow.. no thanks. Could this happen if you need to host your own hidden service too? And if using Tor Browser method isn't safe, why they don't mention this in Bitcoin Core documentation? they only talk about this method.

Isn't Electrum safer than using a full node with your real IP? I mean the transaction in Electrum goes through some server, and not your IP directly.. it's a similar model to VPN where you would need to trust that whoever running the SPV server is not selling logs.

Im not doing anything ilegal btw, I just don't like the idea of people having your real IP when you are transacting.

Isn't vidalia very outdated? I haven't heard about that since ancient versions of Tor..

How about using Tails? Wouldn't the transactions made through Bitcoin Core be relayed through Tor by default without needing to do anything?



I know, I thought that you could somehow trace it if you didn't use a proxy and so relaying throught a server (Electrum) would be more private than clearnet full node transaction but it seems it's safe:

https://bitcoin.stackexchange.com/questions/56682/understanding-ip-address-tracing-via-bitcoin-transaction


Still, would be cool to easily transact through Tor safely. If I do what nullius said, I don't need to fear any random raids right?

I thought about a setup in which it looks like this: Your IP -> Tor node IP -> VPN IP, -> internet, this way, the sites see the VPN IP but your traffic still is routed throught Tor for an extra layer of protection, but I have read that this is not a good idea for some reason. In the Tails website for instance, they say not to do this:

https://tails.boum.org/blueprint/vpn_support/

And yes I don't use Tor for everything... mostly only for this site to not get doxed by scammers.

I think I will not bother. I think I read achow saying how your node will not reveal your IP in a transaction, even if you aren't using anything. I assume only nodes can see your real IP, and I don't run a 24/7 node so it's not that important.