This is an archived post.You won't be able to vote or comment.So does this work or is it a scam?(self.onions)submitted by Throwaway account because I'm embarassed to ask... http://f7tyfzd2bbqi7jaa.onion/ It claims to "double your bitcoins" π Rendered by PID 15169 on app-239 at 2017-06-24 13:09:08.406611+00:00 running 3522178 country code: SG.Using bitcoin over the anonymity network Tor leaves users at greater risk of having their identities revealed, according to academics at the University of Luxembourg.If that seemingly paradoxical finding isn't enough to scare privacy-loving bitcoiners, the researchers also determined that an attack could be mounted on an "economy" budget of just $2,500 a month.Such an attack could expose the identity of a bitcoin and Tor user, and allow the attacker to meddle with the victim's transactions, they said.Ivan Pustogarov, one of the two researchers working on the issue, explained: "The problem here is with anonymity.When people are connecting through Tor, they are expecting to have a higher level of anonymity ... it does provide some level of anonymity, but it is not that hard to break this."

The attack is laid out in a paper titled, Bitcoin Over Tor Isn't A Good Idea, written by Pustogarov, a doctoral student at CryptoLUX, the University of Luxembourg's cryptology research group, and Alex Biryukov, an associate professor who leads the group.Pustogarov said the paper is to be submitted for peer-review to be presented at a cryptography and information security conference.The sort of manipulation described by the authors is known as a 'man-in-the-middle' attack (MitM) and, if successful, could reveal a user's IP address, which can be used to locate the user, and allow an attacker to 'glue', or correlate, the transactions performed by that user from different bitcoin addresses."A low-resource attacker can gain full control of information flows between all users who chose to use bitcoin over Tor.In particular the attacker can link together user's transactions regardless of pseudonyms used ... and a totally virtual bitcoin reality can be created for such ... users."As a result, a victim would also be at the attacker's mercy regarding information about his transactions, since they would be able to delay or discard a victim's transactions or blocks.

In an extreme scenario, a bad actor could even dupe a victim into thinking they had received bitcoin when in fact they had not (a so-called 'double-spending attack'), Pustogarov said.bitcoin fatal errorThis sort of attack would have ramifications for privacy-seeking merchants, on dark web markets, for instance.o que e moeda bitcoinA dark web merchant would also be at risk of being outed by rival businesses or disgruntled customers by such an attack.bitcoin mining what are you solvingDespite the MitM's ability to compromise a victim's privacy, it would not, however, be able to steal a victim's funds.ltc bitcoin minerTheir wallet and transactions are safe, even if the attack was successfully mounted, the researcher confirmed, adding: "The wallets are safe; bitcoins cannot be stolen.best bitcoin sportsbook

The attack is not that great."Pustogarov and Biryukov dreamed up the attack by focusing on a little-known aspect of the bitcoin protocol, its built-in protection against a denial of service attack (DoS).bitcoin ledger walletTo protect themselves, bitcoin servers award points to clients that send them problematic transactions.bitcoin mining uk calculatorWhen a client racks up 100 points, the server bans it for 24 hours.cow bitcoin gameIn an earlier paper, also focused on anonymity risks on the bitcoin network, the authors described a way to exploit this DoS protection to prevent Tor from being used to connect to the bitcoin network.bitcoin 25000They explained that, when a Tor user connects to the bitcoin network, his or her IP address is not revealed.

Instead, the bitcoin server sees the address of the connected Tor 'exit node', a type of server.As a result, an attacker could send enough bad transactions over Tor to get all the exit nodes banned by the bitcoin network.The authors build on that approach in their current paper.They say that a smart attacker could set up a number of bitcoin servers and Tor exit nodes before exploiting the DoS protection system to ban other Tor exit nodes from the bitcoin network.When a victim uses Tor to connect to the bitcoin network, he will be left with only the attacker's bitcoin servers to connect to, since he has been banned by all other servers.The attacker is now in control of all the information relayed to the user.Pustogarov and Biryukov estimate that the attack can be mounted for between $2,500 and $7,200 a month.This range would be required to guarantee sufficient bandwidth and/or multiple IP addresses for the attacks.At the lower limit, an attacker could control a significant portion of Tor exit node bandwidth, allowing him to direct a victim to a malicious bitcoin server.

With this amount of bandwidth, a victim would take under three minutes, on average, before connecting to a bitcoin server controlled by an attacker, Pustogarov said.There is some good news, however.Pustogarov noted that such an attack could be monitored fairly easily, by creating a program to check the percentage of Tor exit nodes banned by the bitcoin network at any given time, explaining: "If somebody decides to monitor if this attack is being carried out, he will be able to detect it immediately."The paper also outlines some ways of countering the attack, although they all require fundamental changes to the bitcoin protocol.The DoS protection system could be changed so that it only runs on half of all servers, by random selection, at any given time, for example.The use of Tor to increase anonymity with other applications has also proved problematic in some cases.For instance, earlier research showed that using BitTorrent, the popular decentralised file-sharing protocol, over Tor resulted in IP addresses getting leaked.