Abnormally Large Tor node accepting only Bitcoin traffic



Summary:

A single Tor node is processing more traffic than any other Tor node, and it is mostly plaintext Bitcoin traffic. The node only exits Bitcoin traffic (or anything else on port 8333), but most of its bandwidth is used as a Tor relay, where traffic cannot be discriminated by port number. By providing so much bandwidth to the Tor network, the node puts itself in a strong position to observe a lot of Bitcoin traffic from users connecting over Tor, tamper with that traffic in some way, or hide the administrator's self-generated Bitcoin traffic in a crowd of other Bitcoin traffic leaving the same IP address. A network exploit may be under way, as the node has been up for three days and is carrying a lot of bandwidth, mostly plaintext Bitcoin traffic. The node's throughput is probably not 'mostly' plaintext Bitcoin traffic, but by providing exit service for port 8333, it puts itself in a strong position to do any or all of the possibilities mentioned.
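One way to watch for the pattern described above, as an added example that is not part of the original post: parse Tor consensus entries and flag relays whose exit-policy summary accepts only port 8333 while holding a large share of total consensus weight. The sample entries are constructed, and the function names and the 5% `min_share` threshold are assumptions chosen for illustration.

```python
# Constructed sample in the Tor consensus entry format:
# "r" = relay line, "s" = flags, "w" = bandwidth weight, "p" = exit-policy summary.
SAMPLE_CONSENSUS = """\
r relayA AAAA BBBB 2023-01-01 00:00:00 192.0.2.10 9001 0
s Exit Fast Running Valid
w Bandwidth=9000
p accept 80,443
r relayB CCCC DDDD 2023-01-01 00:00:00 192.0.2.20 9001 0
s Exit Fast Guard Running Valid
w Bandwidth=60000
p accept 8333
r relayC EEEE FFFF 2023-01-01 00:00:00 192.0.2.30 9001 0
s Fast Running Valid
w Bandwidth=31000
p reject 1-65535
"""


def parse_relays(text):
    """Return one dict per relay with nickname, IP, weight and policy summary."""
    relays, cur = [], None
    for line in text.splitlines():
        kind, _, rest = line.partition(" ")
        if kind == "r":
            # nickname identity digest date time IP ORPort DirPort
            fields = rest.split()
            cur = {"nick": fields[0], "ip": fields[5], "bw": 0, "policy": ""}
            relays.append(cur)
        elif cur is None:
            continue  # skip any preamble before the first relay entry
        elif kind == "w":
            for kv in rest.split():
                if kv.startswith("Bandwidth="):
                    cur["bw"] = int(kv.split("=", 1)[1])
        elif kind == "p":
            cur["policy"] = rest.strip()
    return relays


def flag_single_port_exits(relays, port=8333, min_share=0.05):
    """List (nick, ip, share) for relays exiting only `port` with a large weight share."""
    total = sum(r["bw"] for r in relays) or 1
    hits = []
    for r in relays:
        share = r["bw"] / total
        # "accept <port>" with no other ports means the exit policy allows only that port.
        if r["policy"] == f"accept {port}" and share >= min_share:
            hits.append((r["nick"], r["ip"], round(share, 3)))
    return sorted(hits, key=lambda h: -h[2])
```

A hit only shows that a relay combines a single-port exit policy with a large weight share; it says nothing about what the operator does with the traffic.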


Updated on: 2023-06-09T01:36:25.348005+00:00