'Eavesdropping' Attack Can Unmask Up to 60% of Bitcoin Clients (X-Post from /r/bitcoin)

http://www.coindesk.com/eavesdropping-attack-can-unmask-60-bitcoin-clients/

This should definitely be a concern for anyone sending directly to a market. In the past I've cut it close with the amount of BTC I had and didnt want to pay the fee at BTCFog, and so sent directly to a market.

Anyone thinking of going that route should really think twice.


Comments


[7 Points] None:

It is definitely a great reminder to be using an IP address that isn't traceable to your identity, perhaps not so much a reminder about using a tumbler or not. (Both do have value, for sure.) The detection issue is nearly the same thing. Using a public wifi network or a spoofed IP of some manner offers a level of protection from the type of detection discussed in this article.

Even though it's common sense knowledge to not use ones home IP, I think plenty of people do it occasionally because it's extra work. Once people have placed enough orders, they can become comfortable enough to skip security steps they personally deem unnecessary. I'm definitely guilty of it myself. Even though being detected in this manner unlikely to actually happen, it's important to keep in mind it's theoretically possible and worth the step to secure oneself from it.

The cat and mouse game of detecting, and further anonymizing, rinse and repeat, bitcoin transactions is beyond fascinating.


[2 Points] MaliciousMembrane:

"A good portion of bitcoin users need not worry about being identified. Web wallet users won’t have their IP addresses exposed by the attack. An attack would only reveal the IP addresses used by the web wallet service."

Could this be used to deanonymize escrow or maybe even deposit addresses' IP addresses? If they run the btc client software server-side, this would reveal the location, or am I missing something?


[1 Points] sharpshooter789:

I believe this only affects people using bitcoin clients. If one get their bitcoins from coinbase or LBC and send them to btcfog or blockchain shared coin then to the market they shouldn't be susceptible to this attack.


[1 Points] YouLostTheGame97:

I sent my BTC from my phone directly to a market and then bought product with it... Should I be concerned?

What should I do in the future to protect my identity?