Bitcoin Forum
December 04, 2016, 02:09:17 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 [5] 6 7 8 9 10 »  All
  Print  
Author Topic: [ANNOUNCE] TORwallet - anonymous mixing wallet service  (Read 26588 times)
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
June 22, 2012, 02:14:18 PM
 #81

And that BS about Gmail was retarded, they don't index or publish your mail, they just scan it for keywords to provide relevant advertising.

That and stalk teenagers...

Keep drinking the koolaid.

1480817357
Hero Member
*
Offline Offline

Posts: 1480817357

View Profile Personal Message (Offline)

Ignore
1480817357
Reply with quote  #2

1480817357
Report to moderator
1480817357
Hero Member
*
Offline Offline

Posts: 1480817357

View Profile Personal Message (Offline)

Ignore
1480817357
Reply with quote  #2

1480817357
Report to moderator
1480817357
Hero Member
*
Offline Offline

Posts: 1480817357

View Profile Personal Message (Offline)

Ignore
1480817357
Reply with quote  #2

1480817357
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480817357
Hero Member
*
Offline Offline

Posts: 1480817357

View Profile Personal Message (Offline)

Ignore
1480817357
Reply with quote  #2

1480817357
Report to moderator
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 22, 2012, 02:14:53 PM
 #82

And that BS about Gmail was retarded, they don't index or publish your mail, they just scan it for keywords to provide relevant advertising.

That and stalk teenagers...

Keep drinking the koolaid.
Yeah that too lol. I forgot about that one.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
TORwallet
Jr. Member
*
Offline Offline

Activity: 41


I <3 TOR


View Profile WWW
June 22, 2012, 08:34:40 PM
 #83

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

TORwallet - anonymous mixing bitcoin wallet
http://nci2szjrwjqw2zbi.onion/ or http://torwallet.net/
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 25, 2012, 03:43:00 AM
 #84

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
Gladamas
Sr. Member
****
Offline Offline

Activity: 294


Bitcoin today is what the internet was in 1998.


View Profile
June 25, 2012, 04:08:39 AM
 #85

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Can't they encrypt the code?  Undecided

1GLADMZ5tL4HkS6BAWPfJLeZJCDHAd9Fr3 - LQ6Zx8v7fHVBiDX5Lmhbp6oEDB7dUFjANu
GPG 0xF219D5BB3C467E12 - Litecoin Forum
davout
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW
June 25, 2012, 09:20:54 AM
 #86

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.
badum-tssss

rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 25, 2012, 02:27:01 PM
 #87

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.
badum-tssss
Same goes for your service, just depends on who gets hacked first.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
davout
Legendary
*
Offline Offline

Activity: 1358


1davout


View Profile WWW
June 25, 2012, 09:16:05 PM
 #88

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.
badum-tssss
Same goes for your service, just depends on who gets hacked first.
http://xkcd.com/703/

TORwallet
Jr. Member
*
Offline Offline

Activity: 41


I <3 TOR


View Profile WWW
June 25, 2012, 09:35:33 PM
 #89

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Hacking of torwallet.net will expose absolutely nothing. https://torwallet.net is nothing more than a proxy, and actually has more in common with a port forward in your router. It doesn't even understand http and does nothing more than pipe data through tor.

In fact, here is the command we use.
socat openssl-listen:443,fork,reuseaddr,su=nobody socks4a:127.0.0.1:nci2szjrwjqw2zbi.onion:80,socksport=9050

Hacking of nci2szjrwjqw2zbi.onion would reveal current balances, however the attack surface is limited to a single port.

TORwallet - anonymous mixing bitcoin wallet
http://nci2szjrwjqw2zbi.onion/ or http://torwallet.net/
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 05:03:04 AM
 #90

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Hacking of torwallet.net will expose absolutely nothing. https://torwallet.net is nothing more than a proxy, and actually has more in common with a port forward in your router. It doesn't even understand http and does nothing more than pipe data through tor.

In fact, here is the command we use.
socat openssl-listen:443,fork,reuseaddr,su=nobody socks4a:127.0.0.1:nci2szjrwjqw2zbi.onion:80,socksport=9050

Hacking of nci2szjrwjqw2zbi.onion would reveal current balances, however the attack surface is limited to a single port.

Just for example, I have the following wallet: https://www.torwallet.net/w/c85f0c2c5347caf6b302cebabed0e93c3ce023d6739b1e502128cbaa7042eddb

Therefore, anyone who knows the code "c85f0c2c53.............." can redeem all coins in my wallet.

A hacker can obtain the private key of torwallet.net's certificate, and he will learn the code "c85f0c2c53.............."

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 27, 2012, 01:10:14 PM
 #91

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Hacking of torwallet.net will expose absolutely nothing. https://torwallet.net is nothing more than a proxy, and actually has more in common with a port forward in your router. It doesn't even understand http and does nothing more than pipe data through tor.

In fact, here is the command we use.
socat openssl-listen:443,fork,reuseaddr,su=nobody socks4a:127.0.0.1:nci2szjrwjqw2zbi.onion:80,socksport=9050

Hacking of nci2szjrwjqw2zbi.onion would reveal current balances, however the attack surface is limited to a single port.

Just for example, I have the following wallet: https://www.torwallet.net/w/c85f0c2c5347caf6b302cebabed0e93c3ce023d6739b1e502128cbaa7042eddb

Therefore, anyone who knows the code "c85f0c2c53.............." can redeem all coins in my wallet.

A hacker can obtain the private key of torwallet.net's certificate, and he will learn the code "c85f0c2c53.............."
However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 03:49:24 PM
 #92

Although you do not have a wallet on torwallet.net, hacking of torwallet.net will expose the secret code, and thus the balance of the accounts of those who use torwallet.net.

It is impossible for google or anyone else to find the link to a TORwallet unless it has been posted somewhere. Those instawallet links were most likely indexed by google visiting instawallet.org and being redirected to a new wallet.

We are working on adding an optional password field to the site. We are waiting for our developer to get back from vacation.

Hacking of torwallet.net will expose absolutely nothing. https://torwallet.net is nothing more than a proxy, and actually has more in common with a port forward in your router. It doesn't even understand http and does nothing more than pipe data through tor.

In fact, here is the command we use.
socat openssl-listen:443,fork,reuseaddr,su=nobody socks4a:127.0.0.1:nci2szjrwjqw2zbi.onion:80,socksport=9050

Hacking of nci2szjrwjqw2zbi.onion would reveal current balances, however the attack surface is limited to a single port.

Just for example, I have the following wallet: https://www.torwallet.net/w/c85f0c2c5347caf6b302cebabed0e93c3ce023d6739b1e502128cbaa7042eddb

Therefore, anyone who knows the code "c85f0c2c53.............." can redeem all coins in my wallet.

A hacker can obtain the private key of torwallet.net's certificate, and he will learn the code "c85f0c2c53.............."
However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 27, 2012, 03:52:37 PM
 #93

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 04:40:05 PM
 #94

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

One the torwallet.net page it claims "Seizing or hacking this server will have no effect on TORwallet's services and gain you no bitcoins, only our wrath", but this is wrong. If the torwallet.net server is hacked, the private key of the SSL certificate is exposed, and the hacker will know the URL query strings

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 27, 2012, 04:57:54 PM
 #95

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

One the torwallet.net page it claims "Seizing or hacking this server will have no effect on TORwallet's services and gain you no bitcoins, only our wrath", but this is wrong. If the torwallet.net server is hacked, the private key of the SSL certificate is exposed, and the hacker will know the URL query strings
That is not correct. Torwallet.net does not contain any private keys, and it is a separate server from the .onion site. They are not hosted on the same server. Not sure what's so hard to understand about that.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 05:07:13 PM
 #96

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

One the torwallet.net page it claims "Seizing or hacking this server will have no effect on TORwallet's services and gain you no bitcoins, only our wrath", but this is wrong. If the torwallet.net server is hacked, the private key of the SSL certificate is exposed, and the hacker will know the URL query strings
That is not correct. Torwallet.net does not contain any private keys, and it is a separate server from the .onion site. They are not hosted on the same server. Not sure what's so hard to understand about that.

I mean private key of the SSL certificate, not private key of BTC accounts. Not sure what's so hard to understand about that......

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 27, 2012, 05:09:14 PM
 #97

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

One the torwallet.net page it claims "Seizing or hacking this server will have no effect on TORwallet's services and gain you no bitcoins, only our wrath", but this is wrong. If the torwallet.net server is hacked, the private key of the SSL certificate is exposed, and the hacker will know the URL query strings
That is not correct. Torwallet.net does not contain any private keys, and it is a separate server from the .onion site. They are not hosted on the same server. Not sure what's so hard to understand about that.

I mean private key of the SSL certificate, not private key of BTC accounts. Not sure what's so hard to understand about that......
I know you meant that, and you are incorrect. The private key of the SSL certificate is stored on the .onion site, not on the torwallet.net server. Perhaps you should look closer at how socat works: it has the option to serve up its own certificate, but that is not in use here. It is simply concatenating data between ports 443 and 9050, in both directions.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 05:14:18 PM
 #98

However, he cannot obtain the private key by hacking torwallet.net. He can only obtain it by hacking the onion site itself. That socat tool is pretty damn cool; I've added it to my arsenal.

Most .onion sites don't bother having SSL enabled because Tor provides encryption... but for external access, this is a perfect example of how to use it.

The hacker don't need the wallet private key to withdraw BTC. Only the secret codes are needed
That's correct, however URL query strings are encrypted when using SSL, so they can't be sniffed. If someone tried to MITM after compromising Torwallet.net, the SSL certificate would have a different fingerprint and it would be detected as an error, since you have created a special exemption in your browser for that specific fingerprint.

One the torwallet.net page it claims "Seizing or hacking this server will have no effect on TORwallet's services and gain you no bitcoins, only our wrath", but this is wrong. If the torwallet.net server is hacked, the private key of the SSL certificate is exposed, and the hacker will know the URL query strings
That is not correct. Torwallet.net does not contain any private keys, and it is a separate server from the .onion site. They are not hosted on the same server. Not sure what's so hard to understand about that.

I mean private key of the SSL certificate, not private key of BTC accounts. Not sure what's so hard to understand about that......
I know you meant that, and you are incorrect. The private key of the SSL certificate is stored on the .onion site, not on the torwallet.net server. Perhaps you should look closer at how socat works: it has the option to serve up its own certificate, but that is not in use here. It is simply concatenating data between ports 443 and 9050, in both directions.

I mean the private key of the SSL certificate of torwallet.net, not the SSL certificate of the .onion site ......

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
rjk
Sr. Member
****
Offline Offline

Activity: 420


1ngldh


View Profile
June 27, 2012, 05:16:33 PM
 #99

I know you meant that, and you are incorrect. The private key of the SSL certificate is stored on the .onion site, not on the torwallet.net server. Perhaps you should look closer at how socat works: it has the option to serve up its own certificate, but that is not in use here. It is simply concatenating data between ports 443 and 9050, in both directions.

I mean the private key of the SSL certificate of torwallet.net, not the SSL certificate of the .onion site ......
The SSL private key for torwallet.net is stored on the .onion server, and the .onion server does all the encryption and decryption. That's why it's a little slow; all the traffic must pass through tor first to get to and from the remote .onion server

torwallet.net does not have a private key of its own stored on it or in use for it.

Mining Rig Extraordinaire - the Trenton BPX6806 18-slot PCIe backplane [PICS] Dead project is dead, all hail the coming of the mighty ASIC!
jl2012
Legendary
*
Offline Offline

Activity: 1484


View Profile
June 27, 2012, 05:22:32 PM
 #100

I know you meant that, and you are incorrect. The private key of the SSL certificate is stored on the .onion site, not on the torwallet.net server. Perhaps you should look closer at how socat works: it has the option to serve up its own certificate, but that is not in use here. It is simply concatenating data between ports 443 and 9050, in both directions.

I mean the private key of the SSL certificate of torwallet.net, not the SSL certificate of the .onion site ......
The SSL private key for torwallet.net is stored on the .onion server, and the .onion server does all the encryption and decryption. That's why it's a little slow; all the traffic must pass through tor first to get to and from the remote .onion server

torwallet.net does not have a private key of its own stored on it or in use for it.

oh sorry, I don't know this is possible! Thank you!

Donation address: 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion
PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
Bitcoin Wizards Wiki: https://8333.info/
Pages: « 1 2 3 4 [5] 6 7 8 9 10 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!