[Tails-project] Conflicting bitcoin donation address

Nachricht löschen

Nachricht beantworten
Autor: CANNON
Datum:  
To: tails-project, tails-support-private
Betreff: [Tails-project] Conflicting bitcoin donation address

TO
tails-project@???
tails-support-private@???

Are some bitcoin donations going to an unintended address?

I have noticed that whenever visiting the TAILS donation page https://tails.boum.org/donate/index.en.html?r=banner
that it presents conflicting bitcoin addresses. Out of curious if my computer was compromised I did some digging into
this to see why this was happening. I tested various browsers, virtual machines, exit nodes, browser versions etc...

I think I might have found the pattern to re-produce this issue. If visiting that page when blocking scripts it loads
the address starting with 3Q. But if scripts are not blocked in the browser sometimes the address with 1B will load.
It is usually every other time the page loads with no scripts blocked in the browser that this 1B address presents
itself. Upon examining the source code it looks like the 1B address has an "ID" of tails-bitcoind and the 3Q address
has an "ID" of riseuplab-coinbase.

1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2

3QirvVRntoascPfTgNTUQvKxfKwPah5FNK

Pardon my formatting. I had to cut two lines of the source code in half (LINE BREAK) so it would fit on my screen.

#  <div class="col-md-5">
#      <div id="bitcoin">
#        <h4>Bitcoin</h4>
#         
#         <div class="bitcoin-address" data-weight="9" id="tails-bitcoind">
#           <p><a href="bitcoin:1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2"><img class="img" height="185"
#LINE BREAK#src="./bitcoin-1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2.png" width="185" /></a></p>
#           <p><strong>1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2</strong></p>
#         </div>
#         <div class="bitcoin-address" data-weight="1" id="riseuplab-coinbase">
#           <p><a href="bitcoin:3QirvVRntoascPfTgNTUQvKxfKwPah5FNK"><img class="img" height="185"
#LINE BREAK#src="./bitcoin-3QirvVRntoascPfTgNTUQvKxfKwPah5FNK.png" width="185" /></a></p>
#           <p><strong>3QirvVRntoascPfTgNTUQvKxfKwPah5FNK</strong></p>
#         </div>
#      </div>


Can someone else confirm this same behavior?
What one is the proper donation address for TAILS? Why is this happening? This triggers suspicion.
I also have a copy of the source code in case it changes. I can provide the full source code if it is requested.

- --
Cannon
PGP Fingerprint: 2BB5 15CD 66E7 4E28 45DC 6494 A5A2 2879 3F06 E832
Email: cannon@???

NOTICE: ALL EMAIL CORRESPONDENCE NOT SIGNED/ENCRYPTED WITH PGP SHOULD BE CONSIDERED POTENTIALLY FORGED, AND NOT PRIVATE.