[OPSEC/Computer] Is it true that using Bitcoin over Tor is worse than using Bitcoin on the clearnet?

Edit: Also, is it possible to trace a computer using a watcing only electrum wallet?


Comments


[1 Points] None:

Where'd you hear that?


[1 Points] sharpshooter789:

Probably. Your best option is to use Tor->socks. You can do this with proxychains.


[1 Points] ShulginsCat:

This deanon attack has been discussed a number of times here. If you want to read a more in-depth discussion, including comments from Pustogarov - one of the three authors - take a look here:

https://bitcointalk.org/index.php?topic=632124.0;all

The conclusion seems to be that this attack is still viable afaik, although there are countermeasures and it is also detectable on the client side:

https://www.cryptolux.org/index.php/Bitcoin_P2P_deanonymization_attack_FAQ

is it possible to trace a computer using a watcing only electrum wallet?

I believe the answer is no, and this is because Electrum verifies the SSL certificates (SEE EDIT) of its peers and those are not easily faked. However if I'm not knowledgeable enough about the insides of Electrum to say with 100% confidence that it is immune. In fact, that is probably a good question to ask the authors since they do mention SPV explicitly but do not address the security provided by clients such as Electrum.

IMPORTANT EDIT: Certificate verification will only be available in v2.0 of Electrum, which should be available soon. However, the attack described in the article will not work on Electrum for a different reason: Electrum does not save address cookies. Adding to that, in order for the deanon portion of the attack to succeed, the user must connect to Electrum via clearnet at least once. DNM users should be aware of this and take care to only use their Electrum wallets via Tor.