Bitcoin Forum
November 02, 2024, 01:04:19 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Anonymity and Wired's article about FBI Bitcoin memo  (Read 4279 times)
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 01, 2012, 04:55:44 PM
 #1

The recent Wired article about the FBI Bitcoin bulletin quotes the following tips from the FBI to "help" you keep your bitcoin transactions anonymous.  I had some analysis to share.

Article URL: http://www.wired.com/threatlevel/2012/05/fbi-fears-bitcoin/

Excerpt from article (points numbered by me):
Quote
But the FBI helpfully lists several ways that Bitcoin users can protect their anonymity.
 •1 Create and use a new Bitcoin address for each incoming payment.
 •2 Route all Bitcoin traffic through an anonymizer.
 •3 Combine the balance of old Bitcoin addresses into a new address to make new payments.
 •4 Use a specialized money laundering service.
 •5 Use a third-party eWallet service to consolidate addresses. Some third-party services offer the option of creating an eWallet that allows users to consolidate many Bitcoin addresses and store and easily access their Bitcoins from any device.
 •6 Individuals can create Bitcoin clients to seamlessly increase anonymity (such as allowing users to choose which Bitcoin addresses to make payments from), making it easier for non-technically savvy users to anonymize their Bitcoin transactions.

Item number 1, we didn't need FBI's help for, given that this advice is pretty much built-in behavior for the client.

Items number 2 and 4 are the same.  But does any such anonymizer exist and is it trustworthy and credible?  There exist such services, I don't believe in them, I would never send my money there.  An anonymizer must be anonymous to properly do its job, which also puts you in a position of them ripping off your coins.  The ultimate anonymizer hasn't been implemented yet, it's just a matter of time before someone puts together a zero-trust client/server anonymizer app though, that allows a "server" party to orchestrate a single coordinated bitcoin transaction to simultaneously commingle and disburse funds on behalf of numerous "clients" in equal chunks.  In such a scenario, the server knows only the inbound txids and the payout addresses, and the client app must digitally sign off on transaction proposals produced by the server without ever letting the server get control of the funds.  The day this comes to be, Bitcoin will be a whole new animal.

Item number 3 has no anonymity benefit, and actually decreases anonymity.  Combining the balance of old Bitcoin addresses into a new address makes public the fact that all of those addresses are related, and depending on how it's done, publishes incontrovertible proof that those addresses in fact belong to the same person.

Item number 5, sure, yes and no.  Not really practical advice.  The third party wallet service will probably be the first to rat you out.  It's a good way to launder 5 hot bucks, but not an ongoing illegal income stream.

Item number 6, sure.  Anonymity is difficult when you can't choose which coins you're sending from.

The following advice would be essential, I think, in any useful guide to keeping bitcoin activity anonymous.

1. Developers of bitcoin clients!  Make it a default to never send anything smaller than a bitcent (or another configurable increment) back to oneself as change, except when the user is explicitly sending transactions with sub-bitcent amounts.  Change and transaction outputs should always have a similar number of digits of precision.  Where sub-bitcents are at issue, client should abandon the fractional amount in the form of an extra voluntary transaction fee.  Having coins with change smaller than 0.01 makes it super easy to follow in the block chain and distinguish change from a payment.  Sometimes, it is very easy to tell from the blockchain which is your change and which is your payment.  If you have a txid worth 56.44261239 and you spend some of it, one output is 10.37 and the other is 46.07261239, guess which one is obviously the change?  Now, compare to 10.37 and 46.07 with a 0.00261239 transaction fee.  See?  Big difference when combing through the block chain.  (And for FBI: add to your next memo that when investigating transactions in the block chain up until whatever point the developers add this option, the presence of sub-bitcent outputs allows you to correlate the change address with the original payer Smiley Our developers might be slow at this, so it will be a useful investigation tool for a long time to come!)

2. Never permit your coins (txids) to be automatically combined by a client whenever possible.  Having your client combine coins publishes prima facie evidence to the world that both of those addresses belong to the same person.  If and when you ever get control over which coins (txids) you are sending to somebody, if you know that you don't have a single txid big enough to cover the payment you want to send, instead, ask your payee for multiple payment addresses (equal to the number of txid's you'll be sending them), and create multiple transactions, each of which is used strictly to transfer from a single txid.  So far, Bitcoin clients don't really give you granular visibility or control over the txid's you possess or which you are using to pay.  Surely that will change though.

3. Acquire small amounts of bitcoins by sending unsolicited cash in the mail to someone you think is likely to make good on it.  Get over the fact that you're sending cash in the mail, it getting lost is relatively unlikely and not the end of the world if it happens.  If someone can't figure out who you are from your letter, any trail that follows the coins you spent will probably end there.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
flaxceed
Sr. Member
****
Offline Offline

Activity: 389
Merit: 250


>>Note new email flaxceed@tormail.org<<


View Profile
June 02, 2012, 07:58:23 AM
 #2

I wish the client integrated solid anonymity features.  It would make bitcoin more appealing to those interested in privacy- like me!

//////////////////////////////////////////////
>>>>>>flaxceed@tormail.org<<<<<<
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


>>>  NOTE:  This is a new email address.  It is now tormail.org, and no longer tormail.net!  <<<

bencoder
Member
**
Offline Offline

Activity: 90
Merit: 10


View Profile
June 02, 2012, 09:25:25 AM
 #3

I don't think 2 and 4 are the same. 4 is referring to the mixer/anonymizer idea like you've talked about, but 2 is talking about the actual bitcoin tcp traffic, and is suggesting you should route it all through tor or another anonymizing network.
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
June 02, 2012, 02:07:52 PM
 #4

I don't think 2 and 4 are the same. 4 is referring to the mixer/anonymizer idea like you've talked about, but 2 is talking about the actual bitcoin tcp traffic, and is suggesting you should route it all through tor or another anonymizing network.

Makes sense, you're right.

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!