CryptoSable (OP)
Jr. Member
 Offline
Activity: 38
Merit: 2
|
BTC users and linking them to their BTC addresses, violating the privacy of these users, according to a blog post from pseudonymous Bitcoin app developer 0xB10C. The entity has been active since March 2018, and its IP addresses have shown up on several public posts from Bitcoin node operators over the past several years.
0xB10C is the developer of several Bitcoin analytics websites, including Mempool.observer and Transactionfee.info. They have also been awarded a Bitcoin developer grant from Brink.dev in the past.
0xB10C calls the entity “LinkingLion” because the IP addresses associated with it pass through LionLink network’s colocation data center. However, ARIN and RIPE registry information reveal that this company is probably not the originator of the messages, according to 0xB10C.
The entity uses a range of 812 different IP addresses to open connections with Bitcoin full nodes that are visible on the network (also called “listening nodes”). Once it opens a connection, the entity asks the node which version of the Bitcoin software it is using. However, when the node responds with a version number and message stating that it has understood the request, the entity closes its connection about 85% of the time without responding.
According to the post, this behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.
Anyone know about this?
|
|
|
|
|
|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
Upgrade00
Legendary
Offline
Activity: 2030
Merit: 2174
Professional Community manager
|
 |
March 30, 2023, 05:35:48 AM
Last edit: April 04, 2023, 08:45:52 PM by Upgrade00 |
|
BTC users and linking them to their BTC addresses, violating the privacy of these users,
If that data is publicly available information, it is not a violation for someone to try to access that data and use it. Run your node over TOR for extra privacy. |
|
|
|
YUriy1991
Full Member
Offline
Activity: 910
Merit: 220
#SWGT PRE-SALE IS LIVE
|
|
March 30, 2023, 06:03:55 AM |
|
0xB10C calls the entity “LinkingLion” because the IP addresses associated with it pass through LionLink network’s colocation data center. However, ARIN and RIPE registry information reveal that this company is probably not the originator of the messages, according to 0xB10C.
According to the post, this behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.
Anyone know about this?
I don't know for sure however, a look at the entity's behavior suggests that it might try to determine if a certain node is reachable at a certain IP address by linking to their Bitcoin address. |
|
|
|
cryptoaddictchie
Legendary
Offline
Activity: 2072
Merit: 1315
|
|
March 30, 2023, 06:12:53 AM |
|
I don't know for sure however, a look at the entity's behavior suggests that it might try to determine if a certain node is reachable at a certain IP address by linking to their Bitcoin address.
But is this method possible by determining its bitcoin address that simple. Its clearly an attempt to do that and if forced thats a violation of privacy. Im wondering why the government wouldnt try to use a platform for this to hunt those scammers. Maybe it will be helpful but this will also be a chaos for those people who only eant their identity hidden. |
|
|
|
franky1
Legendary
Offline
Activity: 4214
Merit: 4475
|
|
March 30, 2023, 12:57:49 PM
Last edit: March 31, 2023, 03:58:55 AM by franky1 Merited by vapourminer (1) |
|
from what you are explaining its just grabbing data from bitcoin DNS seed nodes and then node crawling for more. well thats something thats always been done
many websites show dozens of thousands of ip addresses of IP nodes
bitnodes.io has had lists for years
bitnodes does it by not just asking for user agent details but asking for the getaddr command that means it asks the connected node for their connected nodes. this is called 'crawling'
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
|
March 30, 2023, 01:12:34 PM |
|
You should reference the original article from 0xB10C: LinkingLion: An entity linking Bitcoin transactions to IPs? Do dandelions help against lions?The Summarise: To summarize, an entity frequently opens connections from multiple IP ranges to many nodes on the Bitcoin network. Some characteristics, like the fake user agents and the block heights that increase precisely every 10 minutes, confirm that the connections do not originate from some misconfigured Bitcoin node but are custom clients. About 20% of the connections are used to listen to transaction announcements, allowing the entity to link newly broadcast transactions to IP addresses. The same IP addresses connect to nodes on the Monero network too.
Only a few details about the entity are known. The same IP ranges have been making connections since 2018 in some capacity. It’s unclear if the IP ranges are maybe endpoints of a VPN service. Similarly, if the entity is a single entity or a group of legal entities is unknown. The behavior could indicate financial motives. A possibility is a blockchain analysis company that wants to enrich its product with additional data. A short-term solution might be a banlist or reporting the entity’s behavior. Solving the root problem requires deeper changes to the P2P logic in bitcoin. Anyone who runs nodes can see whether LinkingLion is connected or not by running: $ bitcoin-cli getpeerinfo | grep -E '162.218.65|209.222.240|91.198.115|2604:d500:4:1' violating the privacy of these users
Anyone who have done bitcoin transaction without using their own node should expect that the transaction can be tracked, even without this LinkingLion thing. The solution for the users themselves is to simply run their own node, and currently, also using the mitigation ways as stated in the article to block the alleged LinkingLions' motive. |
|
|
|
|
Lorence.xD
Sr. Member
Offline
Activity: 1624
Merit: 315
Leading Crypto Sports Betting & Casino Platform
|
|
March 30, 2023, 01:15:28 PM |
|
I don't know for sure however, a look at the entity's behavior suggests that it might try to determine if a certain node is reachable at a certain IP address by linking to their Bitcoin address.
But is this method possible by determining its bitcoin address that simple. Its clearly an attempt to do that and if forced thats a violation of privacy. Im wondering why the government wouldnt try to use a platform for this to hunt those scammers. Maybe it will be helpful but this will also be a chaos for those people who only eant their identity hidden. Government can't use this method as mentioned that it was a violation of privacy even they don't try to show it to public. This is one of the pros but the one I consider cons is that once their system is hacked, it's possible that those data might leak. There's many events that have the same scenario just like this. For example Facebook was sued for the same situation where the CEO of Facebook ( Mark Zuckerberg ) was in court. Recently I've also seen the TikTok CEO also having the same situation which he had to defend the privacy data of it's users. |
|
|
|
|
|
█▀▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄▄ | | .
Stake.com | | ▀▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄▄█ | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | █▀▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄▄ | | .
PLAY NOW | | ▀▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄▄█ |
|
|
|
|
Aanuoluwatofunmi
|
|
March 30, 2023, 01:21:33 PM |
|
That's why a blockchain is said to be an open distributed ledger, anyone can have access to them, but remember that the right they don't have is to alter anything from it, which is when immutability comes in, so if you think you're very conscious of your privacy and wouldn't want to be traced, then avoid centralized exchanges, run your own full node on the blockchain, bitcoincore is a good recommendation here.
|
|
|
|
franky1
Legendary
Offline
Activity: 4214
Merit: 4475
|
|
March 30, 2023, 08:33:49 PM
Last edit: April 01, 2023, 01:35:51 PM by franky1 Merited by vapourminer (1) |
|
node crawlers only link up for seconds. they dont stay connected to then sniff out transaction broadcasts
the whole point of the bitcoin network is to find other peers to talk to.. so if you are a noob wondering why nodes connect to nodes.. its called a peer 2 peer network.
nodes are suppose to find each other
mode nodes only want to connect to like 8 other nodes. some more.. and yes it seems nodes trying to search out 15,000+ other nodes may seem a bit too much and may seem suspect, but no its not suspect. even the core devs do it themselves. they have crawlers and bitdns seeds that gather thousands of connection details.
knowing your ip or tor domain does not reveal your real life name. its just connection details
if someone has been telling you about privacy and anonymity. they lied bitcoin is not anonymous, its pseudonymous
bitcoin does not specifically KYC your life story. but it also does not do anything to hide you should you reveal your life to others
this is why people need to put in the extra effort to think about what they reveal to others.
such as using tor, proxies, vpn
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
|
|
|
HedgeFx
|
|
April 01, 2023, 10:46:15 AM |
|
According to the post, this behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.
Anyone know about this?
Governmen Could this be an attempt by some government, or set of governments, to limit bitcoin in some way? It could be the prelude to a "war" aimed at limiting privacy and anonymous transactions that world governments want to carry on. |
|
|
|
|
DaveF
Legendary
Offline
Activity: 3472
Merit: 6269
Crypto Swap Exchange
|
|
April 01, 2023, 10:54:24 AM |
|
According to the post, this behavior may indicate that the entity is trying to determine if a particular node can be reached at a particular IP address.
Anyone know about this?
Governmen Could this be an attempt by some government, or set of governments, to limit bitcoin in some way? It could be the prelude to a "war" aimed at limiting privacy and anonymous transactions that world governments want to carry on. Read what franky1 said and a few others. This is noting new. There are sites that have been doing it for years. THERE ARE OR WERE A FEW THINGS ON GITHUB THAT WOULD DO THIS. All nodes can find out about all other nodes. That is how BTC works. Part of me wants to report this thread, another wants it to stay up to fight FUD so there is real info out there. -Dave |
|
|
|
|
mendace
|
|
April 01, 2023, 12:55:40 PM |
|
Anyone know about this?
According to pseudonymous developer 0xB10C's blog post, the entity allegedly used a number of different IP addresses to connect to Bitcoin full nodes on the network and ask them which version of Bitcoin software they are using. The blog post speculates that the entity is attempting to determine whether a particular node can be reached at a particular IP address, thereby violating the privacy of Bitcoin holders connected to those nodes. If I have not misunderstood all the ip addresses used seem to come from a limited area. Anyway my advice is to use an OS like Tails under tor on a USB key to manage your wallets. I know I have a certain security mania. Even qubes OS is not bad, indeed. |
|
|
|
|
franky1
Legendary
Offline
Activity: 4214
Merit: 4475
|
|
April 01, 2023, 01:37:58 PM |
|
If I have not misunderstood all the ip addresses used seem to come from a limited area. Anyway my advice is to use an OS like Tails under tor on a USB key to manage your wallets. I know I have a certain security mania. Even qubes OS is not bad, indeed.
yes this topics FUD is about doing the crawling using known connections to then find more connections (its how the network normally works) its not about some entity just random bruting every IP of the entire internet to test which of every internet user is using bitcoin this process discussed is not about staying connected to all nodes to then watch for who broadcasts a tx first to locate which tx belongs to which node |
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
|
