Author: Christophe Biocca 2015-08-19 01:08:01
Published on: 2015-08-19T01:08:01+00:00
A developer has investigated a claim that Bitcoin XT contains an unmentioned addition which periodically downloads lists of Tor IP addresses for blacklisting. The investigation found that the code described does not run when behind a proxy of any kind, including Tor. The reported feature is not clearly described and has considerable privacy implications for users of the software. The feature is enabled by default and has a switch name which intentionally downplays what it is doing (disableipprio). Additionally, these claimed anti-DoS measures offer no protection whatsoever as connections are made over clearnet even when using a proxy or onlynet=tor, leaking connections on the P2P network with the real location of the node. Knowledge of this traffic along with uptime metrics can allow observers to easily correlate the location and identity of persons running Bitcoin nodes. Denial of service can also be used to crash and force a restart of an interesting node, making a new request to the blacklist endpoint via the clearnet on relaunch at the same time their P2P connections are made through a proxy. Requests to the blacklisting URL also use a custom Bitcoin XT user agent which makes users distinct from other internet traffic if you have access to the endpoints logs.
Updated on: 2023-06-10T20:24:32.586757+00:00