garytheasshole
Full Member
 Offline
Activity: 406
Merit: 105
Chosŏn Minjujuŭi Inmin Konghwaguk
|
 |
October 22, 2017, 08:56:25 AM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/LOL! Collecting IPs from netstat output reveals identities. This is so fucking retarded. |
|
|
|
|
|
|
The forum was founded in 2009 by Satoshi and Sirius. It replaced a
SourceForge forum.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
FloppyPurpleGherkin
Jr. Member
Offline
Activity: 306
Merit: 2
|
|
October 22, 2017, 08:57:34 AM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/Bad news tbh. |
|
|
|
|
garytheasshole
Full Member
Offline
Activity: 406
Merit: 105
Chosŏn Minjujuŭi Inmin Konghwaguk
|
|
October 22, 2017, 09:02:50 AM
Last edit: October 22, 2017, 09:25:04 AM by garytheasshole |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/Bad news tbh. It's not even news. Anthony Russell is not the sharpest knife in the drawer. No shit you need to connect on nodes to get your chain in sync and transmit transactions. But you can't pin identities or wallet addresses based on IPs you've collected from your own node. Use your head people. How do you think we got this https://monerohash.com/nodes-distribution.html Anthony needs to work a lot harder if he wants his 5 minutes internet fame, reminding us of the bare basic of p2p cryptocurrencies wont do. |
|
|
|
Temik2704
Full Member
Offline
Activity: 378
Merit: 100
DATABLOCKCHAIN.IO SALE IS LIVE | MVP @ DBC.IO
|
|
October 22, 2017, 01:56:53 PM |
|
Judging by the schedule in the near future we will see the growth of the coin. Well, if they add COIN to the Bitfly exchange, I think we'll see x2.
|
|
|
|
notbatman
Legendary
Offline
Activity: 2212
Merit: 1038
|
|
October 22, 2017, 02:18:10 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/LOL! Collecting IPs from netstat output reveals identities. This is so fucking retarded. You've been targeted with FUD! How do you feel about that? |
|
|
|
|
explorer
Legendary
Offline
Activity: 2016
Merit: 1259
|
|
October 22, 2017, 06:25:56 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/LOL! Collecting IPs from netstat output reveals identities. This is so fucking retarded. You've been targeted with FUD! How do you feel about that? So who does this one work for? |
|
|
|
|
|
kellrobinson
|
|
October 22, 2017, 06:43:47 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/LOL! Collecting IPs from netstat output reveals identities. This is so fucking retarded. You've been targeted with FUD! How do you feel about that? So who does this one work for? |
|
|
|
|
Hueristic
Legendary
Offline
Activity: 3808
Merit: 4894
Doomed to see the future and unable to prevent it
|
|
October 22, 2017, 06:55:32 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/Bad news tbh. Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/Yay the trolls are back!!! Looks like the bottom is here.  I grabbed another long at 0.01446773, couldn't get any lower with those fucking Bots. Funny the bots were at a stalemate at 0.01448000 for 0.10077572 Xmr and I grabbed that and they started buying but then backed off. I'm all in now. |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
|
BossBee
|
|
October 22, 2017, 08:25:01 PM |
|
Monero trolls allocated countless hours and most of their brain power to FUD Dash, a coin that isn't even targeting the same market needs as them, to end up getting their faces REKT out of know where by zen cash. . . What a classic tale for the history books. |
|
|
|
Skuffone
Newbie
Offline
Activity: 17
Merit: 0
|
|
October 22, 2017, 11:12:16 PM |
|
Hi there XMR community, i really like the https://forum.getmonero.org/ website. Can anyone point me to who developed it or if the code is opened sourced anywhere? Thnx |
|
|
|
|
Charles T.
Full Member
Offline
Activity: 173
Merit: 101
PR Manager at Crypto Economy
|
|
October 23, 2017, 09:32:23 AM |
|
|
|
|
|
|
GröBkAz
|
|
October 23, 2017, 11:10:26 AM |
|
Judging by the schedule in the near future we will see the growth of the coin. Well, if they add COIN to the Bitfly exchange, I think we'll see x2.
Never heard the name of Bitfly exchange, how good is that exchange and how will it make impact on pricing |
|
|
|
|
M5M400
Full Member
Offline
Activity: 162
Merit: 100
supportXMR.com
|
|
October 23, 2017, 11:36:20 AM |
|
Monero trolls allocated countless hours and most of their brain power to FUD Dash, a coin that isn't even targeting the same market needs as them, to end up getting their faces REKT out of know where by zen cash. . . What a classic tale for the history books. can you point me to said trolling/shilling? I've not seen the monero community FUDing Dash anywhere. |
supportXMR.com :: EU(DE) based Monero pool :: 0.6% fee
|
|
|
revelacaogr
Legendary
Offline
Activity: 1316
Merit: 1021
2009 Alea iacta est
|
|
October 23, 2017, 12:59:07 PM |
|
DevMeeting 2017-10-22 Highlights[ ] Recent code merges Lightweight Wallet API support Sub-addresses Bugfix release(0.11.0.1) may be as early as October 23, 2017 (Monday). (This will *not* enable the features above.) Discussions involving dotnetrussel's (Verge) twitter bot. It's really not worth rebuttal as there's no vulnerability. It's just watching for connections on a port via "netstat". Not indicative of a Monero user or transaction. dEBRUYNE may write something official up. Discussions of the Monero Hardware wallet will likely migrate to the Monero Community meetings. redfish and hyc are working through some database sync and corruption issues. https://monerobase.com/wiki/DevMeeting_2017-10-22 |
|
|
|
|
|
pönde
|
|
October 23, 2017, 03:40:04 PM |
|
This is decentralized exchange.
nvo.io
The wallet will available at the beginning of the November and exhanchange at Q1 2018.
Project is completely open source and each coins devs can make their own plugin for the wallet. I do not know does the nvo team do the plug in for monero, but anyway monero devs can do it. Monero logo is anyway at nvo demo video in youtube.
Are monero devs aware of this project?
|
|
|
|
|
Hueristic
Legendary
Offline
Activity: 3808
Merit: 4894
Doomed to see the future and unable to prevent it
|
|
October 23, 2017, 05:01:42 PM |
|
This is decentralized exchange.
nvo.io
The wallet will available at the beginning of the November and exhanchange at Q1 2018.
Project is completely open source and each coins devs can make their own plugin for the wallet. I do not know does the nvo team do the plug in for monero, but anyway monero devs can do it. Monero logo is anyway at nvo demo video in youtube.
Are monero devs aware of this project?
I hope our devs will vett the code for this. Transactions
are
processed
simultaneously
through
an
order
matching
engine
from
one
wallet
to
another.
The
validator
on
the
Safenetwork
will
check
if
the
transactions
are
valid
prior
to
being
exchanged.
The
orders
are
then
matched
and
transactions
broadcasted
in
their
respective
networks.
The
validator
process
raw
transactions
and
doesn’t
hold
any
private
keys
or
assets
nor
can
it
sign
transactions resulting in a trustless decentralized exchange using the Safenetwork to validate orders Nice formatting in the white paper (that quote was a copy paste from it) lol https://nvo.io/assets/whitepaper.pdfI'm wondering if the "Validator" can be tricked on one side of the transaction with a modified wallet to just not send the agreed upon amount or use some other workaround like a hard codded wallet balance that doesn't really exist to trick the validator into thinking it sent funds. This looks like it has the potential to get hacked pretty quickly. |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
October 23, 2017, 05:07:59 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/No shit. This is why kovi is under development... Until kovi development is complete, if you really care about privacy, than you need to broadcast your transactions from behind a vpn or tor. This shouldn't be "news" to anyone who knows anything about this project. Something that everyone always knew or should have known spun as news. Smells like someone with an agenda spreading fud. Wankalone should take notes I guess. This is how it is done. |
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited? |
|
|
Hueristic
Legendary
Offline
Activity: 3808
Merit: 4894
Doomed to see the future and unable to prevent it
|
|
October 23, 2017, 05:19:28 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/No shit. This is why kovi is under development... Until kovi development is complete, if you really care about privacy, than you need to broadcast your transactions from behind a vpn or tor. This shouldn't be "news" to anyone who knows anything about this project. Something that everyone always knew or should have known spun as news. Smells like someone with an agenda spreading fud. Wankalone should take notes I guess. This is how it is done. Considering the fact that there have been guides around forever to alleviate this it is certainly a non issue and nothing but FUD. Just drop a link to a tutorial on how to get around this wherever you see the fucktard posting this fud. Not to mention using a light wallet or mymonero mitigates this, albeit adding vulnerabilitys in the process. |
“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
October 23, 2017, 09:50:57 PM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/No shit. This is why kovi is under development... Until kovi development is complete, if you really care about privacy, than you need to broadcast your transactions from behind a vpn or tor. This shouldn't be "news" to anyone who knows anything about this project. Something that everyone always knew or should have known spun as news. Smells like someone with an agenda spreading fud. Wankalone should take notes I guess. This is how it is done. Kovri isn't needed to address what is being reported as an alleged 'vulnerability' (and mostly doesn't). The IP addresses of nodes on a p2p network are public and you can get them explicitly using print_cn or print_pl in the daemon or netstat (or even see geolocated addresses on a node map). These addresses by themselves tell you nothing about users or transactions. Even if not transmitting your txs over Tor, VPN, i2p, etc. it is still very difficult for anyone other than your ISP or someone spying directly on your network connection to determine that a transaction originated at a particular node. It could possibly be done with a massive sybil attack on the network, and even then would be unreliable. |
|
|
|
|
Anon136
Legendary
Offline
Activity: 1722
Merit: 1217
|
|
October 24, 2017, 06:11:50 AM |
|
Anonymous No More? Monero Exploit Reveals User Identities to Hackers The researcher, Anthony Russell, says that he can actually locate Monero users through transaction broadcasts. When users open up their Monero wallets, they connect to the peer-to-peer network, which allows users to then connect to individual wallets. According to Russell, If the users of those wallets aren’t using TOR or I2P, you can easily determine their IPs. One potential problem with this method is that it doesn’t necessarily differentiate between server nodes and peers. However, Russell says that this can be overcome by doing a simple whois search............ https://bitsonline.com/monero-exploit-threatens-privacy/No shit. This is why kovi is under development... Until kovi development is complete, if you really care about privacy, than you need to broadcast your transactions from behind a vpn or tor. This shouldn't be "news" to anyone who knows anything about this project. Something that everyone always knew or should have known spun as news. Smells like someone with an agenda spreading fud. Wankalone should take notes I guess. This is how it is done. Kovri isn't needed to address what is being reported as an alleged 'vulnerability' (and mostly doesn't). The IP addresses of nodes on a p2p network are public and you can get them explicitly using print_cn or print_pl in the daemon or netstat (or even see geolocated addresses on a node map). These addresses by themselves tell you nothing about users or transactions. Even if not transmitting your txs over Tor, VPN, i2p, etc. it is still very difficult for anyone other than your ISP or someone spying directly on your network connection to determine that a transaction originated at a particular node. It could possibly be done with a massive sybil attack on the network, and even then would be unreliable. I disagree with this a bit. True you cant just look at an ip address and know who it is. But neither can one do this with a bitcoin address. Bitcoin addresses change frequently and are not tied in any way to any geographical data yet attackers use analysis techniques to identify bitcoin users quite trivially. Using similar techniques it should be even easier to uncover real identities using ip addresses than bitcoin addresses. Thus it is reasonable to assume that a compromised ip equals a compromised identity to anyone who cares enough to spend a little time and or money to suss it out. |
Rep Thread: https://bitcointalk.org/index.php?topic=381041If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited? |
|
|
|
