|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
Andreas Schildbach
Moderator
Hero Member
 Offline
Activity: 483
Merit: 501
|
 |
November 02, 2013, 03:53:09 PM |
|
I think it doesn't work because bitcoinj/netty doesn't support setting a proxy.
|
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1129
|
|
November 02, 2013, 04:23:32 PM |
|
Matt has been working on a rewrite of the network layer that would let us route traffic over Tor. It's not obvious that it's a good idea though. Using Tor essentially puts a MITM on every connection you make, unless you're connecting to hidden services. Supporting discovery of hidden services would take a bit more work.
|
|
|
|
|
yabu (OP)
Newbie
Offline
Activity: 19
Merit: 0
|
|
November 03, 2013, 06:05:09 AM |
|
Is there a way to know for sure whether the android wallet bypasses Orbot or not? I did a test transaction and looked it up at http://blockchain.info and the IP address listed under 'Relayed by IP' was not my own. But then again it doesn't have to be even if the android wallet connects directly. |
|
|
|
|
|
lukey
|
|
November 17, 2013, 08:36:21 PM |
|
I don't know if this can answer this question, but i recently sent a small amount of bitcoins to a market place. I'm still waiting on the transaction. It still hasn't transmitted and completely froze my wallet on my phone you can say. Every time I try to send a payment, it says that my current balance on my wallet is still waiting for confirmation. I don't understand lol.
~ I did use Tor
|
|
|
|
|
Andreas Schildbach
Moderator
Hero Member
Offline
Activity: 483
Merit: 501
|
|
November 18, 2013, 10:15:45 AM |
|
@lukey I pm'ed you.
|
|
|
|
|
yabu (OP)
Newbie
Offline
Activity: 19
Merit: 0
|
|
November 23, 2013, 04:03:43 PM |
|
Just to follow up on this. I tested this network log application https://f-droid.org/repository/browse/?fdid=com.googlecode.networklogAnd with the information it provides it looks very much like Orbot manages to route the Android Wallet over Tor. Btw. is the Android wallet more at risk from an rogue exit node than the satoshi client? |
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1129
|
|
November 24, 2013, 01:42:58 PM |
|
Yes, the risk is higher.
The new network stack is ready for testing. Andreas could produce a test/beta version that routes traffic over Tor now. But if Orbot is already doing it for all applications, then it doesn't seem useful.
|
|
|
|
|
yabu (OP)
Newbie
Offline
Activity: 19
Merit: 0
|
|
November 24, 2013, 06:16:18 PM |
|
Exactly what kind of an attack could a rogue exit node orchestrate?
And why is the android wallet more vulnerable than the satoshi client?
|
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1129
|
|
November 24, 2013, 07:02:30 PM |
|
It could feed you transactions that are fake and will never confirm. If you're not waiting for confirmations, then you could be fooled by this. The Satoshi client has all the data needed to validate even unconfirmed transactions, so the tx can't actually be fake (although with a MITM you cannot know if the tx was really propagated and thus, whether it could be double spent).
Basically, Tor is bad news unless you're OK with waiting for confirmations (preferably, several), and that's true regardless of which client you use. Even if you THINK you're OK with waiting, the MITM could filter out block announcements so you just think the network is being really unlucky and not finding a block, so you give up waiting and decide to risk it.
|
|
|
|
|
yabu (OP)
Newbie
Offline
Activity: 19
Merit: 0
|
|
November 24, 2013, 09:23:30 PM |
|
Ok, thanks for the info
|
|
|
|
|
|
