Bitcoin IS anonymous

[cypherdoc]

if it wasn't, why hasn't anyone identified the stealer of the bitcoins of Allinvain, MyBitcoin and various other hacks?

[1715095388]

1715095388

[evolve]

because traffic analysis is time consuming and isnt free

[marcus_of_augustus]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

[cypherdoc]

i'm not so sure how effective traffic analysis is with a determined thief.  multiple moves and splits significantly complicate identification IMO.  yes, i've read that article from those 2 researchers.

[evolve]

multiple addresses don't matter, it only temporarily obscures things.

the principle works the same as it does with captured military communications (SIGINT/COMINT). with enough raw traffic, you can make communication maps that will reveal who is who, even if you are up against dynamic (constantly changing) callsigns.

[cypherdoc]

multiple addresses don't matter, it only temporarily obscures things.

the principle works the same as it does with captured military communications (SIGINT/COMINT). with enough raw traffic, you can make communication maps that will reveal who is who, even if you are up against dynamic (constantly changing) callsigns.

wouldn't you have to have revealed your identity in relation to one of the addresses?

[Big Time Coin]

Yeah I was going to work on a program/script to figure out where all the mybitcoin coins went to track them.  Also to make a program to hook into the bitcoin p2p network and pull the IPS of the addresses they ended up at. 

Problem #1: How the hell am I supposed to know what addresses were Mybitcoin receiving addresses to begin with?  I can start a thread, but only a tiny fraction of people are going to see it or post their receiving addresses in there. 

Problem #2: The math isn't trivial, not immediately obvious to me that the algorithm will run in O(n) time.

Problem #3: those are just the first two, they seem unsolvable without many hours of time invested, and will only lead to the discovery of problem #4-?

When jgarzik talks about bitcoin not being anonymous, he is actually talking about "in theory" they are not anonymous.  In theory someone could create a companion program to track bitcoins.

In practice, I agree that they are anonymous, for now.

[evolve]

no, not neccessarily. traffic analysis is about looking for patterns in the communications.     

for instance (and this is a extremely basic example using callsigns)

if you were to see traffic containing the following  ( > is the direction of communication):

ABC>DEF
DEF>GHI

JKL>DEF
DEF>MNO

and later you see

ABC>XQZ
XQZ>GHI

JKL>XQZ
XQZ>MNO


you can then infer that DEF is likely XQZ


of course the real world application of this gets MUCH more complex and has many more variables, this is just a very basic example. after mapping very large amounts of traffic, you can build a map of who talks to who, and when ; communication hierarchies become apparent. identities can be  revealed in relation to the known identities of others in the communication structure.

[elggawf]

Problem #2: The math isn't trivial, not immediately obvious to me that the algorithm will run in O(n) time.

You could crowdsource that for cheaper and less effort than writing an algorithm. Make a website that lets people share links to block explorer transactions that are related, and I'm sure anyone who hasn't run screaming away from Bitcoin after the issues would be glad to help out (after all, they just got fucked hard).

In fact, I bet that's probably the more likely culprit for the price tanking rather than the coins being unloaded - lots of people got fucked hard and are exiting the market. We gotta stop pretending people's coins disappearing is good for the market, or that Bitcoin is useful solely as a store of wealth.  History has shown these two statements to be bullshit.

[Maged]

Problem #1: How the hell am I supposed to know what addresses were Mybitcoin receiving addresses to begin with?  I can start a thread, but only a tiny fraction of people are going to see it or post their receiving addresses in there. 

Quite easily. Using the blockchain, you can narrow down which transactions were from an ewallet by looking for transactions with almost no change. From there, some additional analysis can tell you with near certainty which addresses belonged to Mybitcoin.

[ctoon6]

if they used a good laundering service, you would never know for sure.

[cypherdoc]

no, not neccessarily. traffic analysis is about looking for patterns in the communications.     

for instance (and this is a extremely basic example using callsigns)

if you were to see traffic containing the following  ( > is the direction of communication):

ABC>DEF
DEF>GHI

JKL>DEF
DEF>MNO

and later you see

ABC>XQZ
XQZ>GHI

JKL>XQZ
XQZ>MNO


you can then infer that DEF is likely XQZ


of course the real world application of this gets MUCH more complex and has many more variables, this is just a very basic example. after mapping very large amounts of traffic, you can build a map of who talks to who, and when ; communication hierarchies become apparent. identities can be  revealed in relation to the known identities of others in the communication structure.

you're right.  thats an extremely simple and highly unlikely address scenario.  even for me, someone who isn't trying to hide anything, ABC & MNO would never be used twice since a new receiving address is automatically inserted in the clipboard after every receive and any change returned from a sending address gets automatically assigned to new address.

[wumpus]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

What? that it's too anonymous or to little anonymous?

Seems that this is a good compromise between fully transparent and fully anonymous. It's traceable but only if you're prepared to do a shitload of work. Which means that people won't bother for anything but very serious cases.

[k9quaint]

if it wasn't, why hasn't anyone identified the stealer of the bitcoins of Allinvain, MyBitcoin and various other hacks?

When the coins at mybitcoin are exchanged for dollars or euros, the identity of whoever converted those coins will be known to the exchange. Until that time, the coins from mybitcoin are exactly where they have always been. There is simply no way (at the moment) for their rightful owners to access them.

[ctoon6]

if it wasn't, why hasn't anyone identified the stealer of the bitcoins of Allinvain, MyBitcoin and various other hacks?

When the coins at mybitcoin are exchanged for dollars or euros, the identity of whoever converted those coins will be known to the exchange. Until that time, the coins from mybitcoin are exactly where they have always been. There is simply no way (at the moment) for their rightful owners to access them.

not really, they could always dead drop it.

[jgarzik]

No, it's not "just theory".

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is obviously predicated on someone already observing you, as well as actively sampling the P2P network.  If you find out about a crime after the fact, it is a lot more difficult to associate a transaction with a network address.

Other spends from the same wallet may compromise your identity, if you have ever posted a public bitcoin address somewhere.

In a closed ecosystem without ISP wiretaps and social engineering, bitcoin is highly private.  Use of dead drops, transaction delaying, mixing services and other means help increase anonymity, but are too difficult / time consuming for most people to want to use.  So we must live in the real world, where methods of discovering who is using bitcoin are already well known and used in the field today (keylogging, data sniffing and snarfing, network timing analysis, ...)

[wumpus]

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is why it would make no sense to just encrypt bitcoin traffic as a separate overlay network.

Making use of an existing onion net such as I2P/Tor allows hiding the bitcoin traffic between other traffic. Still not 100% fool proof, as you could always do some kind of statistic analysis, but it moves it a lot more toward the tinfoil hat domain.

Anyway, the most effective way to trace people is indeed to have inside info at the exchanges. At the point where bitcoins are exchanged for bank money it's easy to ID who is behind it. From there, the network can be followed. This will become infeasible when there are people that are only paid in bitcoin and spend bitcoin and never trade, but my gut feeling is that those are really rare at this moment.

[cypherdoc]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

What? that it's too anonymous or to little anonymous?

Seems that this is a good compromise between fully transparent and fully anonymous. It's traceable but only if you're prepared to do a shitload of work. Which means that people won't bother for anything but very serious cases.

i'd consider MyBitcoin to be a very serious case.  so lets see if anyone in the near future can identify the thief.  i highly doubt it. 

this will be an excellent real world test case.

[cypherdoc]

if it wasn't, why hasn't anyone identified the stealer of the bitcoins of Allinvain, MyBitcoin and various other hacks?

When the coins at mybitcoin are exchanged for dollars or euros, the identity of whoever converted those coins will be known to the exchange. Until that time, the coins from mybitcoin are exactly where they have always been. There is simply no way (at the moment) for their rightful owners to access them.

how do you know this?  do you have access to the public addresses at which the coins are stored?  if so, please provide.

[cypherdoc]

Use of dead drops, transaction delaying, mixing services and other means help increase anonymity, but are too difficult / time consuming for most people to want to use. 

i know of no one more motivated than MyBitcoin.

what is a dead drop?

[cypherdoc]

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is why it would make no sense to just encrypt bitcoin traffic as a separate overlay network.

Making use of an existing onion net such as I2P/Tor allows hiding the bitcoin traffic between other traffic. Still not 100% fool proof, as you could always do some kind of statistic analysis, but it moves it a lot more toward the tinfoil hat domain.

Anyway, the most effective way to trace people is indeed to have inside info at the exchanges. At the point where bitcoins are exchanged for bank money it's easy to ID who is behind it. From there, the network can be followed. This will become infeasible when there are people that are only paid in bitcoin and spend bitcoin and never trade, but my gut feeling is that those are really rare at this moment.

i often buy large amts of btc one on one with another bitcoiner here on the forum.  after he sends to me i go and deposit USD in his bank acct.  what if MyBitcoin has numerous P2P contacts like me and slowly liquidates his stolen btc.  how do you detect that esp. if he creates several wallets and routes through each of them prior?

[foggyb]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

This is such a cheesy argument. My bank knows what I buy with my credit cards, where I buy it, and how much i spent. So does your bank. Everyone's bank.


To do the same thing with bitcoin, you need to be one of two things:

1.  A skilled hacker.
2. A government agency with probable cause.

  

[Big Time Coin]

No, it's not "just theory".

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is obviously predicated on someone already observing you, as well as actively sampling the P2P network.  If you find out about a crime after the fact, it is a lot more difficult to associate a transaction with a network address.

Other spends from the same wallet may compromise your identity, if you have ever posted a public bitcoin address somewhere.

In a closed ecosystem without ISP wiretaps and social engineering, bitcoin is highly private.  Use of dead drops, transaction delaying, mixing services and other means help increase anonymity, but are too difficult / time consuming for most people to want to use.  So we must live in the real world, where methods of discovering who is using bitcoin are already well known and used in the field today (keylogging, data sniffing and snarfing, network timing analysis, ...)

jgarzik, I bow to your superior knowledge on this issue.  Much respect.

However, you will always find out about a crime after the fact unless it is part of a larger criminal enterprise that is undergoing an active investigation.  Even when there is active monitoring with wiretaps, it is fairly useless in the P2P context.  This has been demonstrated by the huge proliferation of child pornography on the gnutella p2p network.  The police catch a small percentage of people sharing it, and it continues to multiply faster than it is stamped out, for almost a decade, despite continuous monitoring (dedicated, large-scale, expensive, distributed) of the P2P network in real time.

Here's the test, for you, Gavin, and whoever else knows enough about bitcoin and computer science to qualify as an expert in court.  Can you apply your theories about bitcoin not being anonymous to a real-world case.  Where are the mybitcoin, bitomat, and allinvain's bitcoins now?  Obviously, no one knows.  That's because bitcoins are anonymous.

You have publicly said and continue to maintain that they are not, and I respect that opinion as much as I respect you as a core developer.  But "keylogging, data sniffing and snarfing, network timing analysis" all presume that the investigator already has a target, has a court order in place to allow real-time monitoring of the target's electronic communication, and is monitoring that target when the crime takes place.  This is not going to happen in the real world with a real criminal but rarely, if ever.

There could be money in it for you, as an expert witness for the plaintiffs in a lawsuit against the operator(s) of mybitcoin.com, bitomat, and the allinvain malware, probably $10k to $25k, in each case though I won't be paying you so that's just a guesstimate, ballpark fee for an expert witness in a lawsuit.  Could higher if it turns out to be a $1 million lawsuit that requires your testimony.

Consider that some people that have lost bitcoin through fraud trusted the developers when they said that bitcoins were not anonymous.  That there was some way to trace them.  The time has come to prove it isn't "just theory".  Didn't Gavin Andresen go talk to the CIA about this at a hacker conference?  If you guys have any software at all to help out or are working on tracing software, now would be a good time to release it and start building some cases. 

[Big Time Coin]

Problem #1: How the hell am I supposed to know what addresses were Mybitcoin receiving addresses to begin with?  I can start a thread, but only a tiny fraction of people are going to see it or post their receiving addresses in there.

Quite easily. Using the blockchain, you can narrow down which transactions were from an ewallet by looking for transactions with almost no change. From there, some additional analysis can tell you with near certainty which addresses belonged to Mybitcoin.

Sounds good, please help turn this into an actual bit of pseudocode.  I give it a 1 out of 4 in its current state, no offense, but I can't write up an algorithm from it without fleshing it out some more.  What do you mean by "almost no change" and "additional analysis".

OK here is a blockexplorer link with a 14901.47 bitcoin transfer, that's pretty big.
http://blockexplorer.com/block/00000000000006770211a16cffd5ef085f3c3ed192967bb468545a8208b6dd01

following by hand we see that address 1H7otjEVe8hToKZp1pkiwy5U1Q4AoxPE61 was a one-off, received from
1C7NuqhuPhzTnga9oEgWpppNB94H6pqkcq  was 16901.47
1NiaokMExGmHc6rXnYZVC2kmNxVuBkgUpd
1MkZPvYxrfsi2oMJzLXJkeFdirnRrPY7gE
1Js9KagG6XriQwGMSnmsKAbEaAeb5SktqH
1HWyXtxDztaHQVDC3AsExkjBLb6QJEV812
1ABSwcSCem629fsyE1iSms9R2QTU8CL21p
1Em38UYdqmqXK8HtsbckL9867XL2WE73KQ
1MiBVHXdLTZXG5R7FdtxDt8gA3XPfTGtDm
13CCfvtvppQnFtQxE12sNufVa9j4WNm3v2
133eqQmq8HrGxPNiJSGFVXC9RGBjhFL66W
171utvtF4SVkgNR7VXqht5dZStn7UvJ5wL
1748UZ1VXeFqSp8qFXdGB3PM8nz5zjbqRY
1K31DMjDXJUEqQxH5LaXipyeUFZEm3KZrG   35k btc

but anyway, that goes back way into 2010... probably not the coins we are looking for

and here is the blockexplorer for my mybitcoin address, so I have one confirmed sample to work with:
http://blockexplorer.com/address/15qEeifQfkkgThE81PzaZsEkA79dvaMMXE

[allinvain]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

So you wish it to be 100% anonymous? Or?

[allinvain]

No, it's not "just theory".

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is obviously predicated on someone already observing you, as well as actively sampling the P2P network.  If you find out about a crime after the fact, it is a lot more difficult to associate a transaction with a network address.

Other spends from the same wallet may compromise your identity, if you have ever posted a public bitcoin address somewhere.

In a closed ecosystem without ISP wiretaps and social engineering, bitcoin is highly private.  Use of dead drops, transaction delaying, mixing services and other means help increase anonymity, but are too difficult / time consuming for most people to want to use.  So we must live in the real world, where methods of discovering who is using bitcoin are already well known and used in the field today (keylogging, data sniffing and snarfing, network timing analysis, ...)

Here's the test, for you, Gavin, and whoever else knows enough about bitcoin and computer science to qualify as an expert in court.  Can you apply your theories about bitcoin not being anonymous to a real-world case.  Where are the mybitcoin, bitomat, and allinvain's bitcoins now?  Obviously, no one knows.  That's because bitcoins are anonymous.

You have publicly said and continue to maintain that they are not, and I respect that opinion as much as I respect you as a core developer.  But "keylogging, data sniffing and snarfing, network timing analysis" all presume that the investigator already has a target, has a court order in place to allow real-time monitoring of the target's electronic communication, and is monitoring that target when the crime takes place.  This is not going to happen in the real world with a real criminal but rarely, if ever.

There could be money in it for you, as an expert witness for the plaintiffs in a lawsuit against the operator(s) of mybitcoin.com, bitomat, and the allinvain malware, probably $10k to $25k, in each case though I won't be paying you so that's just a guesstimate, ballpark fee for an expert witness in a lawsuit.  Could higher if it turns out to be a $1 million lawsuit that requires your testimony.

I'm going to have to take the side of Big Time Coin on this one...I challenge anyone to find out who is behind the following address:
http://blockexplorer.com/address/1C7tbiXExkyXfZLyCBNZYH24VDC5JryVXK

That's a chunk of my 25K bitcoins

I can track these damn things in perpetuity, but what good is that going to do me?

[ctoon6]

i have been trying to tell people, centralization is not the answer a little after i got into bitcoin, i guess it takes this to kick the message in.

[marcus_of_augustus]

No, it's not "just theory".

By observing timing and size of network traffic bursts, one may deduce who is the sender of a bitcoin transaction, even if the network connection is encrypted.  And by default, the connection is not encrypted.

This is obviously predicated on someone already observing you, as well as actively sampling the P2P network.  If you find out about a crime after the fact, it is a lot more difficult to associate a transaction with a network address.

Other spends from the same wallet may compromise your identity, if you have ever posted a public bitcoin address somewhere.

In a closed ecosystem without ISP wiretaps and social engineering, bitcoin is highly private.  Use of dead drops, transaction delaying, mixing services and other means help increase anonymity, but are too difficult / time consuming for most people to want to use.  So we must live in the real world, where methods of discovering who is using bitcoin are already well known and used in the field today (keylogging, data sniffing and snarfing, network timing analysis, ...)

But in practicality, who has the means to carry out these kinds of traffic analysis and ISP connection snooping?

Government agencies.

Go figure on that one.

[marcus_of_augustus]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

So you wish it to be 100% anonymous? Or?

Is gold anonymous?

[allinvain]

Pseudo-anonymous ...

... bitcoin's biggest deficiency as money, imo.

So you wish it to be 100% anonymous? Or?

Is gold anonymous?

Sort of...someone can perhaps trace where you bought to gold from (assuming you're holding it in physical form and not stored with some storage provider or in "paper form") but it would be pretty damn hard to find out where you may have hidden your gold stash. If you buy gold from coin shops with cash and assuming they don't video tape everything then you're 100% anonymous. I'd say that bitcoin can be far more anonymous than gold.

[marcus_of_augustus]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

[ctoon6]

if you buy a bar of gold, i think it has a serial number on it. so you would be crazy to accept damage gold unless at a good price 

[allinvain]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

And I suppose you do? How do you draw that judgement based on my statement is beyond me. When you buy gold you typically have to provide some real world proof of id or some info about you (assuming you did not fake it) gets left behind at the merchant or point of purchase. With bitcoin what info info about you is stored? Your e-mail address? Your IP? Get real man, bitcoin IS anonymous.

[allinvain]

if you buy a bar of gold, i think it has a serial number on it. so you would be crazy to accept damage gold unless at a good price 

You can still get scammed with gold too. But usually if you stay within the gold chain of integrity (Gold bars from the "good delivery list" )..anyways google "gold chain of integrity"..

[westkybitcoins]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

And I suppose you do? How do you draw that judgement based on my statement is beyond me. When you buy gold you typically have to provide some real world proof of id or some info about you (assuming you did not fake it) gets left behind at the merchant or point of purchase. With bitcoin what info info about you is stored? Your e-mail address? Your IP? Get real man, bitcoin IS anonymous.

I've never had to provide ID, background info, or even my name when buying gold, although I chose to once or twice by buying via debit card. Just find a brick-and-mortar shop that sells gold. Take cash. Buy smallish amounts. Nothing to it.

If you want to spend a lot, either first build up a rapport with the shop owner over time, or look for several more out-of-the-way places to buy from. (Look hard. Odd downtown shops and flea markets can surprise you.)

[allinvain]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

And I suppose you do? How do you draw that judgement based on my statement is beyond me. When you buy gold you typically have to provide some real world proof of id or some info about you (assuming you did not fake it) gets left behind at the merchant or point of purchase. With bitcoin what info info about you is stored? Your e-mail address? Your IP? Get real man, bitcoin IS anonymous.

I've never had to provide ID, background info, or even my name when buying gold, although I chose to once or twice by buying via debit card. Just find a brick-and-mortar shop that sells gold. Take cash. Buy smallish amounts. Nothing to it.

If you want to spend a lot, either first build up a rapport with the shop owner over time, or look for several more out-of-the-way places to buy from. (Look hard. Odd downtown shops and flea markets can surprise you.)

True enough, and that's what I was saying in one of my previous posts. But keep in mind that you are still exposing your visual identity (ie your face) to the shop keeper. In that sense it is not 100% anonymous. You'd be surprised how good some people's memory can be.

I think it's a bad idea that the gold shops you frequent don't ask for id - ie money laundering.

The gist of my argument is that it is a lot easier to leave no traces in the digital world than in the physical world - hence anything do in "real life" carries the risk of compromising your "anonymity"

[cypherdoc]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

i do.  its less anon than you think.  i've been selling my gold and silver and the coin shop issues a 1099 to me when i do.
they also took down my drivers license, address, and a fingerprint.

when i bought it i don't remember having to do that tho.

[lettucebee]

To do the same thing with bitcoin, you need to be one of two things:

1.  A skilled hacker.
2. A government agency with probable cause.

But "keylogging, data sniffing and snarfing, network timing analysis" all presume that the investigator already has a target, has a court order in place to allow real-time monitoring of the target's electronic communication, and is monitoring that target when the crime takes place.  This is not going to happen in the real world with a real criminal but rarely, if ever.

Guys, I am following this thread with great interest.  I am a student of how one sifts through the blockchain, but when I encounter comments like the above I have to weigh in with what I do know. 

We can all assume that every single thing we do on the internet, phone calls we make, credit card purchases, our location (from our cell phones), bank transactions, pretty much every electronic transaction, travel patterns, and on and on....are stored and analyzed WITHOUT A COURT ORDER.

See http://www.eff.org/issues/nsa-spying just for starts.  You should assume that the traffic analysis discussed here is already being done on the blockchain at a minimum.

"Every purchase you make with a credit card, every magazine subscription you buy and medical prescription you fill, every Web site you visit and e-mail you send or receive, every academic grade you receive, every bank deposit you make, every trip you book and every event you attend — all these transactions and communications will go into what the Defense Department describes as "a virtual, centralized grand database," infamously wrote New York Times writer William Safire, announcing the birth of Total Information Awareness, a kind of Echelon on steroids introduced a year after 9/11.

[allinvain]

I wonder if they do this for non US Citizens as well.

[foggyb]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

i do.  its less anon than you think.  i've been selling my gold and silver and the coin shop issues a 1099 to me when i do.
they also took down my drivers license, address, and a fingerprint.

when i bought it i don't remember having to do that tho.

In my part of Canada (mid-west) i am not aware of any reputable retail location that I can purchase PM's from, without supplying photo ID.

[allinvain]

Thanks guys for vindicating and proving my point.

[westkybitcoins]

I'd say that bitcoin can be far more anonymous than gold.

You don't really have that much experience with using cash or gold do you?

And I suppose you do? How do you draw that judgement based on my statement is beyond me. When you buy gold you typically have to provide some real world proof of id or some info about you (assuming you did not fake it) gets left behind at the merchant or point of purchase. With bitcoin what info info about you is stored? Your e-mail address? Your IP? Get real man, bitcoin IS anonymous.

I've never had to provide ID, background info, or even my name when buying gold, although I chose to once or twice by buying via debit card. Just find a brick-and-mortar shop that sells gold. Take cash. Buy smallish amounts. Nothing to it.

If you want to spend a lot, either first build up a rapport with the shop owner over time, or look for several more out-of-the-way places to buy from. (Look hard. Odd downtown shops and flea markets can surprise you.)

True enough, and that's what I was saying in one of my previous posts. But keep in mind that you are still exposing your visual identity (ie your face) to the shop keeper. In that sense it is not 100% anonymous. You'd be surprised how good some people's memory can be.

I think it's a bad idea that the gold shops you frequent don't ask for id - ie money laundering.

I strongly disagree.

Setting aside for a moment the actual "wrongness" of obscuring one's finances in the first place....

If the little old lady selling some silver coins and a couple of 1/10 ounce gold eagles at the flea market asks for ID before selling to anyone, she's going to go home without having made a sale. She doesn't need anyone else's ID, and frankly, the harm she could do with it is far greater than the harm I'm going to do buying a few hundred dollars worth of metal.

Ditto to the traditional, reputable coin shop. It's not uncommon to show ID when selling a lot of metal, or jewelry or the like, on the off chance you're fencing stolen goods. But buying? What would be the point of looking at the name of someone who buys a gold coin? It's not like the mafia or drug cartels (or your neighborhood drug dealer, I would imagine) do business in gold. Last I heard they had a preference for euros....

The gist of my argument is that it is a lot easier to leave no traces in the digital world than in the physical world - hence anything do in "real life" carries the risk of compromising your "anonymity"

I agree, using a physical money requires some sort of physical presence and interaction at some point. I was just pointing out that, at least here in the U.S. (for now, anyway), using gold can be fairly anonymous.

[westkybitcoins]

I wonder if they do this for non US Citizens as well.

I'm fairly certain they do.

http://en.wikipedia.org/wiki/Echelon_(signals_intelligence)

[Big Time Coin]

We can all assume that every single thing we do on the internet, phone calls we make, credit card purchases, our location (from our cell phones), bank transactions, pretty much every electronic transaction, travel patterns, and on and on....are stored and analyzed WITHOUT A COURT ORDER.

See http://www.eff.org/issues/nsa-spying just for starts.  You should assume that the traffic analysis discussed here is already being done on the blockchain at a minimum.

Thanks for blowing the whistle early on mybitcoin lettucebee, you saved me a hundred coin at least!.  Still lost 40 or so I was about to transfer to an offline wallet.  I discovered the site was down on the day it first went down when I went to log-in for the final transfer and close my account. 

Anyway, to respond to the quoted post, lettucebee, none of that information is admissible in court.  It isn't usable as the basis for a warrant, either.  It is also unavailable to civilian investigators.  Since the bitcoin frauds are not national security matters, the NSA is not going to retarget their datamining, nor will they help with the investigation in any way.

So some datamining AI sifts through all the traffic and sends up the "suspicious" bits through the heirarchy of human review within the U.S. intelligence community to try to prevent terrorism and improve "national security".  So what, it doesn't mean bitcoin is not anonymous just because some super spy-computer could, in theory, link btc to real id.

[lettucebee]

I think it's a misdirection to say things like "bitcoin is (or isn't) anonymous".  This is a point garzik has made before.  What makes it hard to find "Tom Williams" bitcoin is that he used multiple techniques to hide his true identity: an entity (corporation) formed in a jurisdiction friendly to anonymous corporations, a host that accepts a pseudonym, a software application that gave him access to people's coins but that gave no way to reach him, and so on.

It was his lifestyle choices that made him anonymous, not bitcoin.  I'm not saying anything you folks don't know, but we should be more precise with our language.  And last, Tom went to a lot of work to be able to cloak himself this well.  Few people would be able to go through with it all.