Author: BitingBird Date: To: The Tails public development discussion list Subject: Re: [Tails-dev] Electrum doc wrt. avoiding the negative effects of
DoS [was: Re: Article: Bitcoin over Tor isn't a good idea]
sajolida: > Minoru:
>> sajolida,
>>
>> I agree with your changes so far. The reason for the specific
>> explanation is that Electrum over Tor is extremely vulnerable to
>> attack. If you read the article http://arxiv.org/pdf/1410.6079v2.pdf >> it only takes 2500 USD and publicly available information to have
>> complete control over which Bitcoin blocks and transactions users are
>> aware of. Would you still be interested in the additional documentation
>> that I proposed? I wanted to add three subsections to the Electrum
>> documentation focused on Tor DoS on SPV:
>> 1. Explain block confirmations (temporary fix for Electrum displaying
>> money that you actually do not have)
>> 2. Explain watching-only wallets (temporary fix for Electrum not
>> displaying money that you actually do have)
>> 3. Explain a possible long term solution to this problem by using
>> trusted Electrum servers accessed by a Tor hidden service (I might
>> remove this point because I'm not sure if it is currently possible
>> execute this solution since not many .onion Electrum servers exist and
>> it is difficult to trust centralized services)
>> I understand that you want to keep the documentation short and easy to
>> understand, but Electrum over Tor using SPV has a serious vulnerability
>> that needs a little more documentation to help users avoid the negative
>> effects of DoS.
>
> Thanks for following up on this. I'm still trying to understand the
> issue as I'm far from being a bitcoin expert. This whole issue is still
> quite fresh and I want to be sure that we first understand it correctly,
> and then put our energy in the best place to fix it.
>
> I'm worried about providing too much scary information that our users
> cannot act upon. Because giving people gory details about how they could
> be attacked might not be the best thing to do if they cannot do anything
> to protect themselves from such an attack. And if we believe Electrum in
> Tails is not good enough then we should remove it, but I think we're not
> there yet.
>
> I read the thread on tor-talk about that:
> https://lists.torproject.org/pipermail/tor-talk/2014-October/thread.html#35329 >
> And if I understand correctly, if this attack was to be conducted it
> would affect *all* bitcoin users over Tor. It is not a targeted attack
> at only some individuals, right?
>
> I also understood that a workaround would be to rely on a list of
> decentralized hidden services to mitigate the DoS power that exit nodes
> could have.
>
> So to be more useful to our users, what could you do, as a user of Tails
> 1.3, to protect yourself against such an attack? For example, is it
> possible to configure more hidden services for Electrum to use? If so,
> could we provide this as a fix in 1.3.1 for everybody? Could it be fixed
> upstream by the Electrum people?
> Also: the problem should probably de documented upstream
(electrum/bittorent page / wikipedia/ somewhere?) and we could just link
to the detailed explanation.
