"You should assume your IP address can be associated with you.." -Gavin Anderson

[BTC_Truth]

  x

[1714011819]

1714011819

[1714011819]

1714011819

[1714011819]

1714011819

[Elwar]

Yes, people can track your IP to a bitcoin transaction if you do not mask it.

[Foxpup]

Anyone who can eavesdrop on your network connection (such as your ISP, the NSA, or your neighbour if you use open Wi-Fi) can see if you send a transaction that you didn't previously receive, which proves you created it, and are not merely relaying someone else's transaction. Also, an early version of Bitcoin had a bug which allowed an attacker with a direct connection to your node to determine your addresses. Although this bug has been fixed, the current version may yet have similar bugs.

For these reasons, it is recommended to run Bitcoin over Tor. However, note that doing so does not necessarily make you anonymous, as there are other methods of associating your identity with your Bitcoin transactions than your IP address.

None of this is secret or controversial. Bitcoin was never intended to be completely anonymous.

[🏰 TradeFortress 🏰]

One way to mitigate someone passively snooping on the network level, and finding out who is the originator of transactions would be to encrypt peer to peer communications.

Attackers who set up nodes will have to set up a sufficient amount in order to provide acceptable confidence that peer they got the transaction from is indeed the originator of the transaction.

[ShakyhandsBTCer]

There are a number of ways to mask where a TX originated from:

Tor
Public WiFi
Using blockchain to push a signed TX for you
running a full node and having a light client only connect to that node

[ajareselde]

Yes, people can track your IP to a bitcoin transaction if you do not mask it.

well, i for once didnt know this.
i thought bitcoin was only seen by wallet address..

actualy, you can use online wallet, or a vpn for that matter.

[justusranvier]

One way to mitigate someone passively snooping on the network level, and finding out who is the originator of transactions would be to encrypt peer to peer communications.

Attackers who set up nodes will have to set up a sufficient amount in order to provide acceptable confidence that peer they got the transaction from is indeed the originator of the transaction.

Tor communications are encrypted peer-to-peer.

Set up your node to accept connections via a hidden service, and use -onlynet=tor to make sure you only connect to other hidden services.

Now 100% of your peer-to-peer connections are encrypted.

[tins]

One way to mitigate someone passively snooping on the network level, and finding out who is the originator of transactions would be to encrypt peer to peer communications.

Attackers who set up nodes will have to set up a sufficient amount in order to provide acceptable confidence that peer they got the transaction from is indeed the originator of the transaction.

Tor communications are encrypted peer-to-peer.

Set up your node to accept connections via a hidden service, and use -onlynet=tor to make sure you only connect to other hidden services.

Now 100% of your peer-to-peer connections are encrypted.

I am not tech literate. You can run your entire internet connection using tor? Or, are you saying use tor when using btc services or online wallet an such?

(Please, no making fun of me, I admit to being mostly computer illiterate.)

[justusranvier]

I am not tech literate. You can run your entire internet connection using tor? Or, are you saying use tor when using btc services or online wallet an such?

(Please, no making fun of me, I admit to being mostly computer illiterate.)

If you are running a Bitcoin node (this means Bitcoin-Qt, bitcoind, btcd, or I think Obelisk) on your own computer, and you are running a Tor client, then you can configure the Bitcoin node to only connect to the Bitcoin network via Tor.

If you're using an online wallet, then you don't have any privacy anyway so it doesn't really matter if you use Tor to access it or not.

[commandrix]

Exactly right. That's why I've always kinda yukked up my sleeve at the "anonymous" nature of Bitcoin. Somebody could sniff out the packets used to send the Bitcoin and use the information in those packets to know where you sent it from no matter whether you sent it from your house or from your local cafe with Wi-Fi. About the only way to get around it is to use some kind of proxy service and even that isn't infallible.

[joshraban76]

This is not valid with Dynamic IP internet connections, like the connection I've right now.

[freedomno1]

This is not valid with Dynamic IP internet connections, like the connection I've right now.

That is good to know but an ISP provider retains address logs for 180 days to a year so it probably is still a valid concern
http://lifehacker.com/5923017/how-can-i-prevent-my-isp-from-tracking-my-every-move/all

[Meuh6879]

[bitsmichel]

By default data is associated with you, unless you take counter measures.
Dragnet surveillance is very serious nowadays. IP address is one of the many things to track you.

[tins]

Exactly right. That's why I've always kinda yukked up my sleeve at the "anonymous" nature of Bitcoin. Somebody could sniff out the packets used to send the Bitcoin and use the information in those packets to know where you sent it from no matter whether you sent it from your house or from your local cafe with Wi-Fi. About the only way to get around it is to use some kind of proxy service and even that isn't infallible.

What if you aren't sending from a personal wallet (Bitcoin-QT, etc), rather from an exchange (Cryptsy, mint, etc)? In that situation would it still be possible to trace where it was sent from? Or, since it is the exchange's server sending the transaction, would it be anonymous?

[newIndia]

Exactly right. That's why I've always kinda yukked up my sleeve at the "anonymous" nature of Bitcoin. Somebody could sniff out the packets used to send the Bitcoin and use the information in those packets to know where you sent it from no matter whether you sent it from your house or from your local cafe with Wi-Fi. About the only way to get around it is to use some kind of proxy service and even that isn't infallible.

What if you aren't sending from a personal wallet (Bitcoin-QT, etc), rather from an exchange (Cryptsy, mint, etc)? In that situation would it still be possible to trace where it was sent from? Or, since it is the exchange's server sending the transaction, would it be anonymous?

It'll broadcast their IP if that is not masked.

[justusranvier]

What if you aren't sending from a personal wallet (Bitcoin-QT, etc), rather from an exchange (Cryptsy, mint, etc)? In that situation would it still be possible to trace where it was sent from? Or, since it is the exchange's server sending the transaction, would it be anonymous?

Network snooping will show the transaction coming from the exchange.

The exchange, of course, knows it was your transaction and they'll have records showing such.

The same people who engage in widespread network snooping probably can just ask the exchange to give them those records (or they'll hack into the exchange and just extract the records themselves).

That's why I said if you use a web wallet you don't have any privacy.

[Magic8Ball]

One way to mitigate someone passively snooping on the network level, and finding out who is the originator of transactions would be to encrypt peer to peer communications.

Attackers who set up nodes will have to set up a sufficient amount in order to provide acceptable confidence that peer they got the transaction from is indeed the originator of the transaction.

Tor communications are encrypted peer-to-peer.

Set up your node to accept connections via a hidden service, and use -onlynet=tor to make sure you only connect to other hidden services.

Now 100% of your peer-to-peer connections are encrypted.

Tor and mixing, to mask the initial input should be enough.

Anytime a transaction is done which can be traced back like some payment then mix again.

[ShakyhandsBTCer]

This is not valid with Dynamic IP internet connections, like the connection I've right now.

Even with a dynamic IP address your identity can still be found.

Your ISP will keep logs of who is assigned what IP address at what times.

[tvbcof]

What if you aren't sending from a personal wallet (Bitcoin-QT, etc), rather from an exchange (Cryptsy, mint, etc)? In that situation would it still be possible to trace where it was sent from? Or, since it is the exchange's server sending the transaction, would it be anonymous?

Network snooping will show the transaction coming from the exchange.

The exchange, of course, knows it was your transaction and they'll have records showing such.

The same people who engage in widespread network snooping probably can just ask the exchange to give them those records (or they'll hack into the exchange and just extract the records themselves).

That's why I said if you use a web wallet you don't have any privacy.

A full peer who is not masking their activity is susceptible to transaction counting.  That is, detection of transactions which originated at the peer rather than those being relayed.  Or at least that was supposed several years ago.  Several years ago most people thought it impractical though I personally always considered it a potential threat.  Now (post-Snowden) it seems likely that fine-grained packet are captured, retained, and analyzed.  At least for anyone who is tagged for enhanced monitoring, and I think that there is a strong possibility that all Bitcoin users are.

A non-compromised https connection to a non-compromised exchange or wallet service (if there is such a thing) would be theoretically more safe.  It would require timing analysis to match user activity with transactions (if they even leave the service) and that would be very easily thwarted by introducing some random delays.  This assumes that the service is somewhat popular (and thus, active) of course.

Go ahead and say the magic words 'tor'.  For my part I never trusted it.  At least not for highly critical work.  It being largely funded by the government to 'help Iranian dissidents' doesn't pass the smell test for me.  But to each his own.