How using Tor Browser increases bitcoin theft?

[ohyeahhaha122]

I still can't believe such a reputable web browser. Everything is at risk. Our job is to control risk, I think tor will have a proof

[1713860646]

1713860646

[1713860646]

1713860646

[1713860646]

1713860646

[adaseb]

tor will not increase nor decrease the possibility of bitcoin theft.
technically, I don't see how this can be true, and here is why:

1) Say some user choose to send traffic traverse thru Tor (via socks proxy localhost then transit its way on port 443 to LBC) via SSL engine embedded in Tor Browser
2) in some instance, this TLS session traffic enters into a monitoring exit node that logs and decrypts well known certs for meta-data extractions (like google services and other deep state firms)
3) since the private key generated x.509 cert request remained unknown, signed by CA, there is insufficient believe that 3rd party can decrypt the traffic on your LBC browing session on an Tor exit node.

However, if an website like LBC DO uses CDN service like akamia or cloudflare,etc; then things can go WRONG. This is true even for user NOT browsing with Tor:

4) Tor exit node output IP obfuscated traffic to CDN protecting or increase service capacity.  Any data you GET thru one of those CDN is not encrypted, (automatic MITM and with CDN SSL and NOT origin SSL Certs) in order for CDN to analysis and to provide filtered service. Reason being your traffic entering and exiting these node with non LBC SSL Certs.  And the session cache can be scrubbed to reveal your wallet, data, recovery seeds, password, as many other goodies with sensitive information like IP and other site you've sited (i.e blockchain.info, coinbase, any many others which also uses CDN like cloudflare).

5) CDN Exfiltrate this meta-data relating to your browsing session to a 3rd party, and re-encrypt to clear txt data to deliver the origin server that hosts actual LBC https://  content via public LBC web SSL Certs.  3rd party pays royalty to CDN like cloudflare, and in term they bragg and offers free unlimited protection for any web site.

Analysis
---------
a) 3rd party can be analytics or big data entities with deep fed banking darknet infrastructure as part of data "source" for on-going dragnet surveillance on it activity.
b) in 3, CDN most likely host origin server's authoritative resolver (acting as LBC DNS for example) and it keep logs and this statistics are normally packaged and for sale to CDN's associates and other interested 3rd Party ($$$)
c) Being existential, LBC may trade in your privacy for free LBC protection.  But since it needs to comply with BTCKYCBTC anyways to prevent being shut down, this is somewhat of a m00t point.

Now, do you see a pattern?

Giving you a merit for a well written post. This is basically the same as some people freaking out about using public WIFI. Most sites these days use HTTPS and most of the data sent to the website is encrypted and its very difficult to decrypt this info unless you know the key which only the server possesses.

There are issues however with some data that isn't encrypted and depending on what site you are browsing. Some sites might have HTTPS for certain areas but not the entire site and that info is very easy to view. This is where some people who used those packet sniffers back in 2010 read some private info over public wifi such as in a University. However usernames, passwords and emails were always encrypted.

[manok jepang]

I think the caveat offered by Tor, historically related to extra-personal spending and other browsers related to FireFox are theoretically equally vulnerable. LOCALBITCOINS raises concerns about privacy tor

[Bitcoin Seller]

Tor browser doesn't increase Bitcoin theft, It's either you are using the wrong localbitcoin site or they are trying to stop their users from hiding their ip address.

Be careful when using Tor. Operators maintain a registry of TOR users. That is, just downloading the browser, you get into the list. Files are sent through several servers to confuse those who want to track traffic. The last server in rare cases may be yours. If you're not lucky, "they may be accused of drug trafficking. Most of the Tor traffic comes from the Darknet. Your security and anonymity are at risk on sites without an SSL certificate. It’s better to avoid sites on http and only go where there is https.

[Artemis3]

  b) And I think this is the bigger issue. People not setting stuff up properly and getting bitten by that.

Genuinely curious, what do you think the average person using Tor should set up to avoid getting attacked? Anyway, I agree with you that they're covering their ass, but more from regulatory pressure than anything else.

Malicious exit nodes mounting MITM attacks is a vector I hadn't considered before. I had been thinking of them mainly as surveillance adversaries. I'm not actually sure this is a legitimate concern, though. It seems like attackers could do more effective analysis on regular clearnet usage to mount more effective generalized attacks on a bigger population.

Maybe DaveF could elaborate on how targeted routing analysis would make such attacks more likely. My initial reaction is that users running NoScript and/or disabling JS should be much better protected against MITM attacks than average web users too, so that's another reason why average TOR browser users should be safer.

This has been going for long, but lately it is ever a concern, as most sites switched to https anyway, and the exit node can do nothing about that.
HTTPS Everywhere is rather useless at this point in time, because, most sites already are https and there is no need to try force it anymore. Besides, those few sites that still don't have https, won't have it magically only because you have that add on. Thanks the EFF for the push tho.

Getting rid of scripts (i like umatrix more than noscript) is a solid move. Only while list trusted sites and at the same time get rid of the tracking garbage.

Be careful when using Tor. Operators maintain a registry of TOR users. That is, just downloading the browser, you get into the list. Files are sent through several servers to confuse those who want to track traffic. The last server in rare cases may be yours. If you're not lucky, "they may be accused of drug trafficking. Most of the Tor traffic comes from the Darknet. Your security and anonymity are at risk on sites without an SSL certificate. It’s better to avoid sites on http and only go where there is https.

This is utter nonsense and you have no idea what you are talking about. Get informed before writing stuff first...

[pjcaruci]

I don't think Tor can really help with that. You just have to be more careful.