Bitcoin Forum
November 15, 2024, 02:52:05 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Outgoing connections to clearnet peers over Tor are less secure?  (Read 79 times)
regenbogen (OP)
Jr. Member
*
Offline Offline

Activity: 31
Merit: 18


View Profile
June 23, 2024, 07:07:48 AM
 #1

Hey,

I'm running a Ƀ full node on Umbrel and I'm a little confused about this one option:

Make All Outgoing Connections to Clearnet Peers Over Tor
(proxy)
Connect to peers available on the clearnet via Tor to preserve your anonymity at the cost of slightly less security.

Why are outgoing connections through Tor less secure?
ABCbits
Legendary
*
Offline Offline

Activity: 3066
Merit: 8087


Crypto Swap Exchange


View Profile
June 23, 2024, 08:59:08 AM
Merited by regenbogen (1)
 #2

It's probably due to one of those reasons,
1. You need to trust the exit node.
2. Unless you and other node use encryption (this is recent addition based on BIP 324), the connection isn't encrypted.
3. Theoretically anyone could run exit node, including government and analysis company.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
nc50lc
Legendary
*
Offline Offline

Activity: 2604
Merit: 6401


Self-proclaimed Genius


View Profile
June 23, 2024, 01:06:48 PM
Merited by LoyceV (6), regenbogen (1)
 #3

Why are outgoing connections through Tor less secure?
Hmm, they use "slightly" there.
Maybe it has something to do with "Sybil Attack" where the Tor exit node might able to isolate your node to the rest of the network by connecting you to his 'bad Bitcoin nodes'.
But since it's extremely hard to pull-off since all of your peers has to be the attacker's nodes, it's a "slightly less security" issue.
Your node will still connect/listen to Bitcoin nodes on Tor with the setting ticked.

But for more accurate answers, it's best to ask the ones who wrote the note themselves.
You may ask the actual Umbrel developers with their contact info here: https://github.com/orgs/getumbrel/people

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
BlackHatCoiner
Legendary
*
Offline Offline

Activity: 1708
Merit: 8336


Fiatheist


View Profile WWW
June 23, 2024, 04:04:07 PM
Merited by LoyceV (6), regenbogen (1)
 #4

I believe it wanted to mean "privacy" there. Theoretically, it's easier to break Tor->clearnet than Tor->hidden service. It'd be better to configure your node connect only with hidden services:
Code:
onlynet=onion

2. Unless you and other node use encryption (this is recent addition based on BIP 324), the connection isn't encrypted.
From the other person's Bitcoin node to your exit node? Yes, but from your node to the exit node the connection is encrypted.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV
Legendary
*
Offline Offline

Activity: 3500
Merit: 17685


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
June 24, 2024, 07:04:41 AM
Merited by regenbogen (1)
 #5

3. Theoretically anyone could run exit node, including government and analysis company.
Just like anyone could run a full node, so if you don't run over Tor it's even easier for them to "spy" on you.

▄▄███████████████████▄▄
▄█████████▀█████████████▄
███████████▄▐▀▄██████████
███████▀▀███████▀▀███████
██████▀███▄▄████████████
█████████▐█████████▐█████
█████████▐█████████▐█████
██████████▀███▀███▄██████
████████████████▄▄███████
███████████▄▄▄███████████
█████████████████████████
▀█████▄▄████████████████▀
▀▀███████████████████▀▀
Peach
BTC bitcoin
Buy and Sell
Bitcoin P2P
.
.
▄▄███████▄▄
▄████████
██████▄
▄██
█████████████████▄
▄███████
██████████████▄
███████████████████████
█████████████████████████
████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀

▀▀▀▀███▀▀▀▀
EUROPE | AFRICA
LATIN AMERICA
▄▀▀▀











▀▄▄▄


███████▄█
███████▀
██▄▄▄▄▄░▄▄▄▄▄
████████████▀
▐███████████▌
▐███████████▌
████████████▄
██████████████
███▀███▀▀███▀
.
Download on the
App Store
▀▀▀▄











▄▄▄▀
▄▀▀▀











▀▄▄▄


▄██▄
██████▄
█████████▄
████████████▄
███████████████
████████████▀
█████████▀
██████▀
▀██▀
.
GET IT ON
Google Play
▀▀▀▄











▄▄▄▀
ABCbits
Legendary
*
Offline Offline

Activity: 3066
Merit: 8087


Crypto Swap Exchange


View Profile
June 24, 2024, 08:33:48 AM
 #6

Why are outgoing connections through Tor less secure?
Hmm, they use "slightly" there.
Maybe it has something to do with "Sybil Attack" where the Tor exit node might able to isolate your node to the rest of the network by connecting you to his 'bad Bitcoin nodes'.
But since it's extremely hard to pull-off since all of your peers has to be the attacker's nodes, it's a "slightly less security" issue.
Your node will still connect/listen to Bitcoin nodes on Tor with the setting ticked.

On top of that, Bitcoin Core already fix many of known sybil/eclipse attack vector as stated on http://web.archive.org/web/20220412122303/http://cs-people.bu.edu/heilman/eclipse/.

2. Unless you and other node use encryption (this is recent addition based on BIP 324), the connection isn't encrypted.
From the other person's Bitcoin node to your exit node? Yes, but from your node to the exit node the connection is encrypted.

That's right, which is more reason to use newer Bitcoin Core which use encryption when connecting to other new nodes.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!