Silk Road forums

Discussion => Security => Topic started by: sandybridge on June 22, 2011, 06:39 pm

Title: Tutorial - How to be untracable with Bitcoin
Post by: sandybridge on June 22, 2011, 06:39 pm
Part 1. Configuring your client

1. fire up tor http://torproject.org
2. open bitcoin client http://bitcoin.org
3. settings > options > connect through socks4 proxy (check this box - the default options will the default IP and port that tor uses - i.e. 127.0.0.1 and 9050, respectively)

Part 2. Conducting your business

1. Use a new bitcoin address for every transaction.

Part 3: Cashing out

1.<coin tumbling instructions go here>

Congratulations, you are now using bitcoin anonymously; now your transactions can be tied neither to you nor to each other.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: g4bb3r on June 22, 2011, 09:51 pm
This does NOT make your bitcoin usage anonymous. You have to properly mix/tumble your coins.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: Modoki on June 22, 2011, 09:59 pm
I already wrote this on other occassion. This is dangerous as it is not anonymous.
Please stop posting your shitty pseudo tutorial, even if it was anonymous it would be poor. Being wrong its even dangerous.
Take care,
greets, M
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: sandybridge on June 22, 2011, 11:38 pm
@Modoki: No, you're wrong, tor works.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: backopy on June 23, 2011, 12:04 am
@Modoki: No, you're wrong, tor works.

Yeah, Tor works for hide your IP but with bitcoins you've to hide your bank account, totally different subjects. What can be traced by using bitcoins are the coins themselves. You buy bitcoins at an exchange, exchange notes the bitcoins he sold you, you buy something using your "secure method", your seller tries to cash those out at an exchange and BINGO! You and your seller will enjoy sometime together playing domino or chess at a prison cell.

You wrote a "get busted" tutorial.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: freedome on June 23, 2011, 12:11 am
Could someone please clarify whether the method sandybridge mapped out actually does anything useful to improve anonymity?
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: Modoki on June 23, 2011, 01:11 am
It is useful, but it is by no means the only thing you need to do. See this thread for details.

http://dkn255hz262ypmii.onion/index.php?topic=96.0

Greets, M
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: rake on June 23, 2011, 01:29 am
Correct me if I'm wrong, but buying through the SR escrow service means that the seller does not receive the same coins that the buyer sent, which is one form of tumbling.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: Modoki on June 23, 2011, 01:53 am
Yeah, you are right, dear rake :)
though, as mentioned in the other thread, I for myself wouldn't trust an entity as silkroad alone.
Moreover, using other tumbling also adds to security since the variance adds up and especially if you do larger payments, the tumbling may be limited (at the moment as silkroad is not yet that big).
But you are right. Silkroads tumbling feature greatly improves unlinkability. I just wanted to point out that I do other tumbling as well and think its a good idea, but this depends on your habits, what you're doing on silkroad and your payment amounts.
Greets, M
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: freedome on June 23, 2011, 05:12 pm
Hi,

I followed sandybridge's instructions or 'tutorial' and connected through socks4 proxy (checked thebox) with the default IP at 127.0.0.1 and 9050. However prior to doing this I transferred bitcoins to my purse from SR and after I did these steps in the settings the Bitcoins weren't going through, no data at all was going through. I had to change them back to enable the Bitcoins to go through..

Guessing I was doing something wrong?

If this was correct then isn't following those steps pointless as you don't get your Bitcoins..?!
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: sandybridge on June 23, 2011, 05:40 pm
You have to wait a while after turning on your client until it can pick up connections. Tor might make this take as little longer. It works, trust me this is how I have it set up and it works.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: backopy on June 23, 2011, 07:50 pm
Here, have a piece I wrote a while ago, before someone gets hurt by using Tor as the "anonymous magic bullet":

Let's start here a small overview on how bitcoins do work.
First there're no IP to IP transactions. Bitcoin software does NOT says something like: 123.123.123.123 pays 123.123.123.124 10 bitcoins. It just uses the bitcoin addresses and those addresses are not output by the client from external queries. Imagine the blockchain as an airport baggage convoy, that's how it works, A inputs a transaction to the blockchain and B, by downloading the blockchain, collects it.
Your IP might be less than a worry, but you still might want to conceal it.

Bitcoin bootstrap and your IP.

This is the place where bitcoin gives away your IP, it connects you to an irc channel #bitcoinXX (where XX is a random number between 00 and 99) at irc.lfnet.org - this network doesn't mask IP's so it possible to know or list everybody who uses bitcoin. Tor may circumvent this issue, even if Tor itself has its bootstrap directories where it leaks the ips. But if you use Tor and Bitcoin not under Tor it will be possible to know that you're using Bitcoin AND Tor from your place, if you use Bitcoin under Tor than it's just possible to know you're using Tor.
Both rely on the "hide in the mob", the more users Tor and Bitcoin have the best concealed you are.

Bitcoin weakness

Done with IP Addresses, this is what you've to bear in mind about bitcoin, even if the addresses doesn't mean nothing, the coins are unique. Each piece has its own fingerprint and it's possible to know by what addresses they went until the moment they were generated.
Basically an attack can be performed like this:

Cop A buys or gets Bitcoins 1A and 3H (for this example I'll simplify the hashes) and pays with them to Dealer B.
Dealer B goes cash them out at an exchange for PayPal USD, exchange knows now that coins 1A and 3H were sold by PayPal user john@hotmail.com, they rat it to Cop A who gets a warrant to fetch it from PayPal. PayPal knows john@hotmail.com lives at 152nd Street, 19, NYC... Got the picture?
It doesn't quite matter what bitcoin address dealer B used to collect them or by which address threw them back, the coins themselves gave him away.

To prevent this:

Mixing - Mixing is to input all coins to a central place and throw them from there. So coins 1A and 3H may be the ones used to pay Dealer B or Farmer C. Still they give away that you're selling at the place where they were mixed.

Tumbling - This is to pretend transactions, make it look like the coins were used to pay something to C, to D, to E, to F... in a way they look like are just circulating around as normal cash.

The best solution is to mix and tumble in a way that the coins can't be linked to where they were used or by who.

To take care:
Some services uses just bitcoind wallets as wallet, they don't mix their coins. So if you deposit 2 bitcoins, 1A and 3H (from the example), to mybitcoin and then withdraw 2 bitcoins you'll be getting the same 1A and 3H back.
Title: Re: Tutorial - How to be untracable with Bitcoin
Post by: phubaiblues on June 23, 2011, 08:03 pm
thanks @sandybridge...you've been helpful on here in various ways, making my system more secure...we all know there is no *perfect* setup, but more we can insulate ourselves, the better our chances...