How using Tor Browser increases bitcoin theft?

[Darooghe]

Any idea?



On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well. The executives have not made any statements regarding the matter, and the reason behind it remains unknown.

READ MORE: https://www.cryptopolitan.com/tor-browser-increases-bitcoin-theft/

[figmentofmyass]

On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well.

it doesn't---no more than using firefox does.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement. i'm not sure if regulators are specifically telling them to clamp down on TOR (or VPN) usage, or if they are just trying to be proactive to please them. but this seems like an underhanded attempt to discourage IP address obfuscation techniques.

[aundroid]

I'd be surprised if any security flaws were detected when using a Tor browser.

Although there was a critical bug in Firefox a few months back (see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707) which was fixed immediately.

Hasn' t localbitcoins also just announced that new verification rules and KYC will be introduced in the near future?

looks fishy. 

@Darooghe but you just connected through Tor, didn't you? There' s no message coming up for me.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement.

I suppose that's exactly what it's going to come down to.
After all, Tor is a thorn in the side of all authorities.

[BitMaxz]

~snip~

@Darooghe but you just connected through Tor, didn't you? There' s no message coming up for me.

Same here I don't see any message from their website while using Tor Browser.

it seems that he is the only who can see this warning from localbitcoins.

@Darooghe

Why not try to update your tor browser and maybe you are using an older version of TOR browser that is why you are getting this warning from localbitcoins or maybe you are accessing a fake localbitcoins website?

If you are using the previous version much better to update them because it is vulnerable to any risk like bitcoin theft or data theft. That is why they keep inform users to use the latest version to avoid this issue.

[bitsurfer2014]

Even if there is a warning or not, we should always remember, that as long as we are online and no matter what kind of security software

we are using whether its TOR, VPN, etc, there will always be  risks of our systems being compromised by intruders. So I encourage

everybody that we should always be security conscious and be more observant of our systems defenses. Actually, I'm not worried about

using TOR being compromised, I'm worried about the increasing sophistication of social engineering attacks which is more prevalent these

days. Imho.

[JeromeTash]

I find such a warning just bullshit probably just away of trying to make Tor browser less popular. LocalBitcoins just recently started to become strict on KYC so what i think they are trying to do is discourage people from using Tor so that their Online presence is easily traceable.
Some People lose bitcoins to scammers anyways so long as they are connected to the web and are so careless.
- "No one is safe"
- "No system is safe"

[rdluffy]

No one is safe and we know that, but now I'm curious to see what's happening and why localbitcoins are acusing tor browser, for me it's doens't make any sense, I can't find a reason that tor is riskier than another browsers 

[mk4]

Lol nice try on Localbitcoin's side. That's not true at all. It looks like they're just desperately indirectly calling it sort of unsecure just so their users wouldn't attempt to hide their IPs using Tor. May it be for KYC/AML or better traceability reasons or for more accurate user statistics on their side. As far as I know they don't ban people for using Tor, so I really don't see any harm in using Tor when using Localbitcoins.

EDIT

@Darooghe but you just connected through Tor, didn't you? There' s no message coming up for me.

Same here I don't see any message from their website while using Tor Browser.

Managed to let the message appear. It appears on the login page.

[tranthidung]

I don't think so, Tor increases privacy in general, and wallets that allow Coinjoin transaction use Tor by default in order to enhance privacy of bitcoin transactions. There are other factors that combine together and contribute to the privacy of users. I don't see any convincing reasons to judge that Tor increase risks of bitcoin theft, honestly.
Enhanced privacy with Wasabi & Samourai wallets

[pooya87]

i honestly can't think of any situation where using Tor would increase the chances of you losing your bitcoins that you are keeping on the same online machine compared to normal times when you are using that machine without Tor!
usually when sites make such claims they also should add a page to explain why they are saying it otherwise we end up speculating about their works with the governments which might be more correct than you may think.

[FlightyPouch]

I think they have their reasons for this since this browser is better than others when it comes to privacy. I doubt that people would be able to track your histories with this. It would not increase the possibility of being hacked but it would increase your time browsing since it is not that fast when it comes to that.

[Leonardo7]

I don't believe this accusation, I incorporate privacy browser to my web search and browsing. I hope they are not going to accuse brave browser as the next, not safe browser.  It's possible localbitcoin wants to keep track of it users.

[Kakmakr]

Well, I do not know if the Tor nodes might have something to do with that? I know it was reported that the 3l3tter agencies can run their own exit nodes and then use these nodes to track IP addresses, so if they are capable of doing that, then other people <hackers> might also be able to do that and once they have your IP Address, it will be easier to target Bitcoin owners. 

The question is, why go through all that trouble, when you can simply target people that are not using Tor with their service? I think this is simply a scare tactic to try and influence people not to use Tor. 

[yazher]

I don't think it came from Tor because it is the most secure way of browsing.
My suspect is a 3rd party software which was the case of hacking of some ETH a year ago
where they hack the google DNS address and put the blame on etherium but the case was solved
and the real cause of hacking is finally found out it was not etherium fault rather it is from google DNS address.

[Janation]

I don't know why did they say that.

Does the Tor browser that I know in the past is not the same as the Tor browser right now?

It is true that most of the people use it to access the Dark/Deep Web but it is not that these hackers can access the computers being used right? Tor browser is known for that that is the reason why I used that in the past to access that "not-to-be-accessed" site as they told me. I think they are just giving warning and not a threat, right?

[figmentofmyass]

It looks like they're just desperately indirectly calling it sort of unsecure just so their users wouldn't attempt to hide their IPs using Tor. May it be for KYC/AML or better traceability reasons or for more accurate user statistics on their side. As far as I know they don't ban people for using Tor, so I really don't see any harm in using Tor when using Localbitcoins.

this is probably the first step towards outright banning TOR and VPN usage or closing accounts over it. bitstamp and poloniex already "limit" VPN usage, which presumably means you risk account closure by using them.

on localbitcoins, one can still trade at the lowest tier with a throwaway name, email and burner phone up to 1000 euro per year. already super low limits in my view, but i guess if you've got some time on your hands and a handful of burner phones, you can dodge their limits in a sort-of meaningful way? by obfuscating your IP.

[fiulpro]

Well I don't even think we should use something other than the Mozilla or Google ..

There are millions of browsers in the market and it is certainly not a good idea to go and try each and every one of them ..be safe and use secure ones acceptable all over the globe.

[DarkIT]

this is indeed quite confusing news. I think tor is one of the best browsers. however, if localbitcoin feels that tor browser can increase theft on bitcoin, then that also has the potential for other browsers right? however there is no truly secure system. we only need to pay attention to the defenses we have on the device we use. So far, I have not used a browser other than Google Chrome, and Firefox.

[hatshepsut93]

On Tuesday the Localbitcoins published a warning on its website. The notice dedicated to Tor users stated that the use of a Tor Browser exposed them to risks of Bitcoin theft. It is unknown whether the message was visible to only Tor users or others as well.

it doesn't---no more than using firefox does.

i suspect localbitcoins is feeling very pressured by regulators (european commission, finnish government) regarding AML enforcement. i'm not sure if regulators are specifically telling them to clamp down on TOR (or VPN) usage, or if they are just trying to be proactive to please them. but this seems like an underhanded attempt to discourage IP address obfuscation techniques.

If it's true, people will now be more suspicious of localbitcoins, since they are lying to users in order to brake their privacy. This will push p2p trading towards decentralized exchanges, forums, telegram channels and so on. And then instead of having some Tor users and some clearnet users, they'll end up with less users overall, and regulators will have harder time spying on people.

[btctaipei]

tor will not increase nor decrease the possibility of bitcoin theft.
technically, I don't see how this can be true, and here is why:

1) Say some user choose to send traffic traverse thru Tor (via socks proxy localhost then transit its way on port 443 to LBC) via SSL engine embedded in Tor Browser
2) in some instance, this TLS session traffic enters into a monitoring exit node that logs and decrypts well known certs for meta-data extractions (like google services and other deep state firms)
3) since the private key generated x.509 cert request remained unknown, signed by CA, there is insufficient believe that 3rd party can decrypt the traffic on your LBC browing session on an Tor exit node.

However, if an website like LBC DO uses CDN service like akamia or cloudflare,etc; then things can go WRONG. This is true even for user NOT browsing with Tor:

4) Tor exit node output IP obfuscated traffic to CDN protecting or increase service capacity.  Any data you GET thru one of those CDN is not encrypted, (automatic MITM and with CDN SSL and NOT origin SSL Certs) in order for CDN to analysis and to provide filtered service. Reason being your traffic entering and exiting these node with non LBC SSL Certs.  And the session cache can be scrubbed to reveal your wallet, data, recovery seeds, password, as many other goodies with sensitive information like IP and other site you've sited (i.e blockchain.info, coinbase, any many others which also uses CDN like cloudflare).

5) CDN Exfiltrate this meta-data relating to your browsing session to a 3rd party, and re-encrypt to clear txt data to deliver the origin server that hosts actual LBC https://  content via public LBC web SSL Certs.  3rd party pays royalty to CDN like cloudflare, and in term they bragg and offers free unlimited protection for any web site.

Analysis
---------
a) 3rd party can be analytics or big data entities with deep fed banking darknet infrastructure as part of data "source" for on-going dragnet surveillance on it activity.
b) in 3, CDN most likely host origin server's authoritative resolver (acting as LBC DNS for example) and it keep logs and this statistics are normally packaged and for sale to CDN's associates and other interested 3rd Party ($$$)
c) Being existential, LBC may trade in your privacy for free LBC protection.  But since it needs to comply with BTCKYCBTC anyways to prevent being shut down, this is somewhat of a m00t point.

Now, do you see a pattern?