Published on: 2019-11-10T00:23:03+00:00
The discussion revolves around the use of SOCKS proxy and the Tor network with Bitcoin. One participant argues that using Bitcoin on the Tor network is not advisable due to its centralized structure and limited capacity, but using the Tor protocol for Bitcoin can add encryption and anonymity. He recommends using node-Tor, an open-source project designed for p2p, to relay the Bitcoin anonymized protocol using the Tor protocol between nodes. Another participant believes that SOCKS proxies have their use in controlled gateway infrastructure and that the Tor project is designed to allow anonymity and connection privacy. They argue that reducing Tor connectivity would be detrimental.The conversation also touches upon the disclosure of a buffer overflow vulnerability, CVE-2017-18350, which allows a malicious SOCKS proxy server to overwrite the program stack on systems with a signed char type. The vulnerability was discovered by practicalswift in 2017 and fixed in v0.15.1 of Bitcoin Core on November 9, 2017. It was initially introduced in v0.7.0rc1 of Bitcoin Core on August 27, 2012. The fix involved changing the dummy buffer to an explicitly unsigned data type to prevent conversion to/from a negative number. The existence of the vulnerability was disclosed to the bitcoin-dev mailing list in June 2019.In addition to Bitcoin Core, the email signature of one participant contains links related to Bitcoin and Zcash wallets, torrent blocklists, and anti-spy measures. The discussion highlights the advantages and disadvantages of using SOCKS proxy and the Tor network with Bitcoin, emphasizing the importance of understanding the potential vulnerabilities and risks associated with them. The focus should be on anonymizing Bitcoin when required and making it a true peer-to-peer network.
Updated on: 2023-08-02T01:32:03.476543+00:00