Slashdot Mirror
Deanonymizing Tor: Your Bitcoin Transactions May Come Back To Haunt You (wired.com)
jwhyche, Slashdot reader #6,192, writes:
If you bought some illegal narcotics off Silk Road or even gave money to Wikileaks. Researchers at Qatar University and Hamad Bin Khalifa University have been able to link these transactions with real world identities. They have been able to do this even if the transactions are years old. Their research shows how easy it is to link accounts to these transactions without using any of the tools available to law enforcement like search warrants or subpoenas.
The researchers started with 88 unique bitcoin addresses from Tor hidden services, and then searched 5 billion tweets and 1 million pages on the Bitcoin Talk forum -- ultimately linking 125 unique users to 20 Tor hidden services. "Bitcoin addresses should always be considered exploitable," the researchers conclude, "as they can be used to deanonymize users retroactively."
Their paper is titled "When a Small Leak Sinks a Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis," and Wired summarizes one of their conclusions. "Even deleting profile information that includes bitcoin addresses may not be enough if a post has been cached or captured by services like the Internet Archive, they point out. 'If you're vulnerable now, you're vulnerable in the future.'"
The researchers started with 88 unique bitcoin addresses from Tor hidden services, and then searched 5 billion tweets and 1 million pages on the Bitcoin Talk forum -- ultimately linking 125 unique users to 20 Tor hidden services. "Bitcoin addresses should always be considered exploitable," the researchers conclude, "as they can be used to deanonymize users retroactively."
Their paper is titled "When a Small Leak Sinks a Great Ship: Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis," and Wired summarizes one of their conclusions. "Even deleting profile information that includes bitcoin addresses may not be enough if a post has been cached or captured by services like the Internet Archive, they point out. 'If you're vulnerable now, you're vulnerable in the future.'"
Monero is where the darknet markets are moving to, away from Bitcoin. The blockchain is itself encrypted, and soon it will be integrated with I2P
Part of the Second American Revolution!
But is it saying they just searched for idiots that publicly posted their bitcoin address under their real name? Wouldn't that be like tracking down a phone number to it's owner because they stupidly posted it publicly somewhere on the web?
It can't be that simple if it's called research, can it?
They did not deanonymize *TOR*, the onion router network for anonymizing web traffic. They deanonymized Bitcoin transactions.
Tor != Bitcoin.