Stealth mining

[MrMik]

Are you sure the vpn server is closest to Singapore?

I tried all of the Braiins Stratum V1 mining server options in the 'Connect a miner' list. The ping time for Singapore is better than the others, but it does not result in a better hashing rate.

If you trust Braiins you just need to use V2 (only) and its encrypted, instead of clear text v1 which tells everyone what you mine and where.

Can I choose Stratum V2 even if I don't run Braiins OS at this stage?

Of course you also want to obfuscate your DNS queries, so install dnscrypt-proxy in your lan and use that as your DNS.

I'll have to learn about that.

Remember that the VPN server knows who you are, and with V1 everything between that and the pool is in the clear for anyone to see.

Don't worry, i can tell you where else the miner is connecting (drumroll): it connects to Braiins Pool using V2 for the dev fee. We can provide you a list of domain names for whitelisting in case you need (pm), you can block everything else.

Does that apply to a miner running Braiins OS only?

[/quote]

Thanks for all the explanations! Some of it sounds like Bohemian villages for now, but that's changing rapidly thanks to all the help offered in this forum!

[MrMik]

Get a new router that is programmed to only connect via a VPN and use that for mining?

Yes, any router that has VPS support will work, and the whole network will be running under VPN, or get a proper router like Mikrotik and rent a VPS somewhere close to you and route all your packets encrypted through that VPS, and your ISP will see that you are connecting to a server in (Germany, Norway) but they won't know exactly what you are doing, the process won't be simple, you will need to have some networking background and use a bit of googling, it's a matter of setting up some L2TP / IPSEC tunnel with some encryption like AES256, some of those algos are weak but then keep in mind the stronger the slower, so you want to find a sweet spot.

If you don't feel like going all that, just get a VPS router, many TPlinks come with easy-to-set-up VPN interfaces, and no skills are required, but the downside is, your ISP will know that you are using a VPN, they just won't know what those packets have in them unless they want to spend the money and time to decrypt them, which is unlikely.

I can't tell for Solo mining, but with pool mining, connected to a VPS in a different continent, using both SHA1 and AES256, there is exactly 0 issues, no rejected/stale shares, and everything works exactly the same when the connection to the VPS or not, my VPS is in EU which is probably pretty close to the pool's server so that's some info to keep in mind, I would assume if the VPS was in Japan and the pool server was in the U.S, with all the delay I am adding, that would probably trigger some lost shares along the way.

I have also tested the same router with Nord VPN, with almost the exact same results.

Use a mining proxy like Antproxy, connect your miners to that proxy, and install VPN on the PC, and the problem is solved, of course, the downside is that you will need the PC to run 24/7, the proxy isn't 100% stable (I have yet to find a dead stable mining proxy) so you are going to write some scripts to watch it and restart it in case something goes wrong.

Thank you very much, I continue to re-read this and eventually it will make sense.

Looking at the Mikrotik website and all they offer, the explanations of what the various gizmos are for and what they can do is well and truly Gobbledigook for me at this stage. 

Much to learn! This is not a request to explain it further, it's on me to put in the learning work.

I'm also considering walking into my local gaming supply shop and ask the geek running it if he can sell me the stuff I need.

[kano]

...
Kano seems to be confusing pool with firmware again...

If you trust Braiins you just need to use V2 (only) and its encrypted, instead of clear text v1 which tells everyone what you mine and where.
Of course you also want to obfuscate your DNS queries, so install dnscrypt-proxy in your lan and use that as your DNS.
...

Not sure why you ignored all the points I made.
I guess you didn't want people to take notice of them since they are bad for you

The topic is stealth mining.

Yet your mining OS and software does things behind the scenes that no one actually knows what it is doing,
since the software doing it is closed source and the extra non stratum data it sends is encrypted,
and it connects to another target, if you don't mine to their pool.

It would make sense that someone who wants to stealth mine, has a single connection that they also know what it is doing.
Instead with your OS and software it has multiple connections and it is also sending extra data.

i.e. as I already said, it's an oxymoron.

[MrMik]

The topic is stealth mining.

...
snip
...
i.e. as I already said, it's an oxymoron.

I don't know if there is a definition for 'Stealth mining' that's agreed upon.

What I meant when I came up with the thread title was something like this:

"How can I prevent someone obtaining my ISP's data about my internet habits and then deduct that I have been mining Bitcoin for so-and-so-long, maybe even allowing estimates of how many Sats I might have stacked?"

I want to prevent future blackmailing and extortion attempts, I want to keep those freshly minted Sats anonymous and have plausible deniability in the sense that I did buy mining equipment, but then did not run it much because I realised that it is losing money (big time!) when calculated in $$.

I have no intention to write my own mining software, but would like to use open source as much as possible. But I doubt that any used or new miner I can buy would run open source software (hopefully I am wrong about that, it's a steep learning curve).