Bitcoin and Anonymity

anonymous bitcoin.PNG


It is quite tricky when using bitcoin to make things completely anonymous since by default all bitcoin transactions are not anonymous but are called Pseudo anonymous.

On the public blockchain everyone can inspect and see all transactions written to the distributed database, however none of the transaction are linked to a person i.e. names, emails, IP addresses etc.. are nowhere to be seen. You might then be wondering how a person’s identity can be tracked down - there are many ways! By the end of this blog you’ll know much more about how to interact with bitcoin in an more anonymous way.


Use TOR:


tor project.PNG

To defend yourself against tracking and surveillance whilst using bitcoin it would be a good idea to use TOR. TOR stands for ‘The Onion Router’ and is a free and open-source browser that enables anonymous communication. It redirects your internet traffic through a free, worldwide, volunteer overlay network, consisting of more than 6,000 relays and conceals your location and usage from anyone conducting network surveillance or traffic analysis. Thus your ISP will not know where your traffic is going to.

You can download TOR from The TOR Project website and it is available on a number of operating systems including Windows, MacOS, Linux and Android. TOR is based on a modified version of Firefox ESR with lots of privacy settings - do not change any of the settings or your traffic may no longer be hidden. Everytime Firefox ESR gets an update then TOR is also updated, please try to keep TOR up to date.


It is worth knowing about the 2 main drawbacks of using TOR:

  1. TOR will almost certainly slow down your browsing experience because your data is being relayed through numerous hops.

  2. Your TOR data is encrypted along its route to your destination server, however if the last relay does not use SSL then the chain can be compromised - this is known as ‘Exit node eavesdropping’



Use new bitcoin public keys

bitcoin keys.PNG

Bitcoin public keys are the ones that anyone can view on the blockchain, so someone will be able to see how much was transferred out of or into a public key address. It is easy to get up a picture of funds building up at a public key and if that public key was issued by an exchange they know who you are. Alternatively imagine the scenario where you use the same public key to pay for a coffee in the morning, the owner of the coffee shop can easily look at the total funds at this public key. Security experts all recommend that you never use the same public key more than once, i.e. generate a new public key everytime you send/receive bitcoin (there are plenty to go around so don’t worry about running out of them - in fact there are 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976 of them!) - you can recognise a public key, it consists of 26-35 alphanumeric characters and begins with either a 1 ,3 or bc1.

Generating a new public key every time you transact stops the average guy from finding out the total number of bitcoin you have, so now you’re safe to go to the coffee shop again :)

It is easy for governments to buy up ISP logs and match them up with the bitcoin public key you have used thus revealing your identity! There are 3 companies who boast almost every 3 letter agency (i.e. NSA, CIA, FBI etc..) as their clients and they have extensive ways to track bitcoin ownership - they are:


Use a VPN tunnel




This is a huge subject and probably require a separate blog of its own!

A VPN (or Virtual Private Network) enables you to send data across a public network (e.g. the web/internet) as if you were using a private network.

The VPN will hide your IP address i.e. it redirects your traffic through remote servers run by the VPN company, so if you are surfing online with a VPN then the VPN server is the source of your data and your ISP cannot see the sites you are visiting and the data you are sending to/from those sites.

If you are using a public wifi network (e.g. in a coffee shop) - you should always use a VPN - if not then what you are doing is wide open to anyone sitting in the same coffee shop with some simple tools - you have been warned!

For extra security it is also worth considering downloading some software that can change your devices MAC address, also useful to get you extra free wifi time if they are only giving you one free hour :) - you can download the well known Technitium MAC address changer by clicking here.

VPNs also have the advantage of changing your country of origin so it appears you are originating from another destination - very useful when you want to get around geo-location restrictions that are associated with many websites.

There are many free VPNs on the market - however be careful many of them log your data and some sell it! We would recommend you buy a good VPN and here are some of the things you may wish to look out for when making that important purchase:

  1. Make sure the VPN has a built in kill switch (sometimes called a Network Lock) - not all of them do. This is a feature that will automatically disconnect you from the internet if for some reason the VPN connection fails.

  2. Make sure you buy a VPN that does not leak! There are many ways a VPN can leak e.g. DNS leaks, WebRTC leaks, IP address leaks etc.. - test the free/trial version using this excellent tool before you purchase your VPN - www.dnsleaktest.com

  3. Buy a VPN from a company that does not keep logs or at least say they do not keep logs.

  4. If possible, buy a VPN from a company based outside of the 5/9/14 eyes alliance set of countries, if your VPN is in an allied country then the various surveillance agencies can access your browsing activity, if it is a no log VPN then they will not have records to hand over to the authorities.


Bitcoin ATMs

bitcoin atm.PNG


It used to be that you could walk up to a bitcoin ATM, insert some cash and receive a QR code with your bitcoin address (less the ATM fee), however more and more of these ATMs now require you to identify yourself e.g. a bank card, drivers licence or passport. The Fifth Anti-money Laundering Directive (AMLD5) in Europe and FinCEN’s Final Rule in the USA apply not only to ATMs but cover exchanges, mixers, dApps that sell coins, ICO issuers, mining pool operators, custodial wallets, and any other crypto payment processors! If you can find an ATM that sells crypto currency and does not require identification then you will be able to buy (and perhaps) sell bitcoin anonymously.








Cryptocurrency mixing


bitcoin mixing.PNG

Cryptocurrency mixing (also called Cryptocurrency tumbling) are services that offer to receive bitcoin (possibly tainted) and give you bitcoin at the other end that obscures the trail back to the original source on the blockchain - it may sound a little bit like money laundering and for many people that is exactly what it is used for.

These tumbler services typically take a transacgtion fee of around 1%-3% : Be aware that using tumbler service is illegal in some countries and there have been cases where exchanges have refused to accept bitcoin which have come from these services!

Many of the tumbler servcices from a few years back have now moved on to the dark web - so you will need to use TOR to access their servies.

In recent years peer-to-peer tumbling service have appeared - these tumblers act as a place for bitcoin users to meet, instead of automatically taking bitcoins for mixing, users arrange mixing by themselves. This model solves the problem of the tumbling service stealing, as there is no middle man. When it is completely formed, the exchange of bitcoins between the participants begins. Apart from mixing server, none of the participants can know the connection between the incoming and outgoing addresses of coins.

The 4 of the most well known cryptocurrency mixing services are:

  1. Blender [Tor link: v3: blenderiopnzbuvtva6d2ddiedrbf6fbekh5axomzho6wrulowcludad.onion v2: blenderiocpxfema.onion]

  2. ChipMixer [Tor link: V3: chipmixorflykuxu56uxy7gf5o6ggig7xru7dnihc4fm4cxqsc63e6id.onion V2: chipmixerwzxtzbw.onion]

  3. CryptoMixer [Tor link: crypmix4m5iunofa25mpmiihdb56oaqg57tvrebqatc6otn3w65qhlid.onion]

  4. FoxMixer [Tor link: foxmixer4dw2zluv7gy4pgqrpp2ab6p323s5clcyt7i5csbpk2pzezid.onion]

(We do not endorse or recommend any of the above products - do you own research and use with cautioin)

Centralized mixing services offer an obvious single point of failure. Even if you trust that the service is using multisignature addresses, if the service is willing to share its logs or has been breached, you will lose your all your privacy.

CoinJoin solved this problem by combining the inputs of multiple users into a single transaction. The service will then take those coins, craft them into a transaction, and have each participant sign before broadcasting it to the network. These transactions are then merged into one, and each user gets the original quantity in return. However, no one can see the origin of those coins, not even the entity that merges the transaction.

Even though CoinJoin isn't exactly untraceable it is a technology worth reading up on. The Wasabi wallet has coinjoin built into the wallet. The Wasabi wallet is only available as a desktop program (be careful there are fake Wasabi mobile wallets). A very similar service is offered by the Samourai wallet, which also offers a Chaumian CoinJoin mixing service, known as Whirlpool. For a full privacy solution you must connect the Samourai wallet to your own full Bitcoin node. Samourai, unlike Wasabi offer both desktop (Windows, MacOS and Linux) and mobile (Android) versions of their wallet.

There are many scam bitcoin mixing services and below we have a large list of those you should avoid: [Thank you to LeGaulois for creating this list]

A
- anonymix-mixer.com
- anonymous-ethereum-mixer.com
- anonymous-tether-mixer.com


B
- Bch-mixer.com: scam
- Bchblender.com
- bestbitcoincleaner.com
- best-coin-mixers.com
- Best-ethereum-mixer.com: scam
- Bestmixer.Biz : scam
- Bestmixer.Biz scam accusation
- Bestmixer.mx : scam
- Bestmixer: seized on May 2019
- BitBlender.com: fake clone of BitBlender.io
- BitBlender.eu scam/ clone of BitBlender.io
- BitBlender: discontinued on May 2019
- BitCloak Bitcloak4rkfygal.onion
- Bitcoin Fog: Scam
- Bitcoin-Blender.com: scam
- Bitcoin-Laundry.com Scam accusation
- Bitcoin-Laundry.com: scam
- bitcoin-laundry.online
- Bitcoin-mixer.net
- Bitcoincash-tumBler.com: scam
- BitcoinFog foggeddri62ueax6.onion
- bitcoinmixers.cc
- Bitcoinmixer.eu: scam
- Bitcoinmixer.eu: scam
- bitcoinmixer.io: look like a scam
- Bitcoinmixer.org: scam accusation
- Bitcoinmixer.se: same scam as Bitcoinmixer.to
- Bitcoinmixer.to: scam accusation
- Bitloader.cc: scam accusation
- BitMaximum, Bitmaximumgnmsaf.onion
- BitMaximum.io: closed/disappeared
- BitMix.Biz: closed
- BitMixBiz BitmixBiz7xyslve.onion
- Bit-mix.biz: scam/clone
- bitmix.online
- BitMixCoin.io
- Bitmixer-io.com: clone of Bitmixer.io closed in 2017 or 2018
- Bitmixer-original.com: scam clone of Bitmixer.io
- BitMixer.io: discontinued on July 2017
- Bitmixer.to: scam clone of Bitmixer.io
- Bitmjxer.com: scam clone of Bitmixer.io
- Bitwhisk.io: Likely a scam
- Bitwhisk: discontinued on November 2018
- Bitzmixer.xyz: scam clone of Bitmixer.io
- blenderbtc.com
- blenderbit.com
- Blender.page
- Blender.run
- Blender.work
- BlenderIO Blenderiot6rg2io.onion
- Blendér.io
- Btc-mixer.com: scam
- btc-mixer.io
- Btcblender.com
- Btcblenders.io

C
- chipbitmixer.com
- chip-mixer.com: scam/clone of Chipmixer.com
- chiph3Blatt3nz5ydz5a7osvvvyv3gclz3ujcdgljazddixoto4muayd.onion: clone, not the real site from Chipmixer
- chipmix.io: scam/clone of Chipmixer.com
- Chipmixer: chipmixer7vrgjzh.onion
- chipmixer.shop: scam/clone of Chipmixer.com
- chipmixer.me: scam/clone of Chipmixer.com
- Chipmixer.info: scam/clone of Chipmixer.com
- chipmixer.ru: scam/clone of Chipmixer.com
- chipmixer.se scam/clone of Chipmixer.com
- ChipMixer.site: scam/clone of Chipmixer.com
- chipmixerr.com: scam/clone of Chipmixer.com
- chipmixers.com: scam/clone of Chipmixer.com
- ChipMixer.cm: scam/clone of Chipmixer.com
- chipmixers.io: Typosquatting
- chipmixẹr.com: - xn--chipmixr-z30d.com: homograph attack
- chippmixer.com: scam/clone of Chipmixer.com
- chispmixer.com: scam/clone of Chipmixer.com
- chipmixer.one: scam/clone of Chipmixer.com
- chipbitmixer.com: scam/clone of Chipmixer.com
- https: //xn--chipmixr-z30d.com/index.html (IDN homograph attack) scam/clone of Chipmixer.com
- coinblender.org
- Coinice.net: scam, clone of cryptomixer.io
- Coinmix-service.lima-city.de: scam clone of Bitmixer.io
- CoinMixer.es: scam
- Coinmixer.es: scam
- coinmixer.info
- coinmixer.io scam
- Coinmixer.io: clone/scam
- coinmixer.it: copy (or scam clone) of Anonymixer
- coinmixer.online: scam
- Coinmixer.se: discontinued on July 2018
- Coinmixer.sx: scam
- coinomize.Bz: Scam Domain
- coinomize.cc: Scam Domain
- coinomize.net: Scam Domain
- coino-mize.com: Scam Domain
- coinomqrds5ti77r.onion: Scam Domain
- coinpal.eu
- criptomixer.net
- cryptamixer.io
- Cryptamixer.io: clone/scam
- cryptmixer.com: scam (trustpilot.com/review/cryptmixer.com)
- cryptoBtcmixer.com: too many red flags
- cryptomexer.io
- cryptomixer.ai
- cryptomixer.app
- cryptomixer.Bz
- crypto-mixer.cc
- cryptomixer.eu
- Cryptomixer.eu: clone/scam
- cryptomixer.host
- cryptomixer.icu
- cryptomixer.in
- Cryptomixer.in: clone/scam
- cryptomixer.ink
- cryptomixer.it
- cryptomixer.link
- cryptomixer.me
- Cryptomixer.me: clone/scam
- cryptomixer.ml
- Cryptomixer.ml: clone/scam
- cryptomixer.se
- Cryptomixer.se: clone/scam
- cryptomixer.tech
- cryptomixer.tech
- cryptomixer.us
- Cryptomixer.us: clone/scam
- cryptomixer1.com
- cryptomixes.io

D
- dai-tumBler.com: scam
- DarkMixer mixerpkpxev6qruk.onion
- dogecoin-mixer.to: scam
- dogecoin-mixer.cc

E
- Ecomix.io: discontinued on May/June 2019
- EludeMail eludemailjkymwox.onion
- eth-blender.com
- eth-ethereum-mixer.com: scam
- ethereum-mixer-anonymous.com: scam
- ethereum-tumBler.com: scam
- ethereums-mixer.com
- ethereum-mixer.online

F
- fresh-btc.com

G
- ghostmixer.cc: scam
- Ghostmixer: discontinued on March 2019
- go-overt.com: closed
- grams-helix-light.com: scam (Helix closed Back in 2017 and this site is trying to fool people)

H
- Helix-grams.com: scam (Helix closed Back in 2017 and this site is trying to fool people)
- helixlightgrams.com: scam (Helix closed Back in 2017 and this site is trying to fool people)

L
- litecoin-mixer.org: scam
- litecoin-mixer.online

M
- MixaBit mixBitw5m5zh4m7u.onion
- MixerMoney mixermike3kwriae.onion
- Mixertumbler.com: closed
- MixTum mixtumm4rtq2kfqe.onion
- mixum.io: Fake copy of the mixer mixtum.io
- monero-mixer.in
- monero-mixer.to: scam
- MyBitMix myBitmixnzdtjave.onion
- myBitmix.to: scam
- mycryptomixer.app phishing copy
- mycryptomixer.com

O
- OnionWallet sBqaxe6dwiydetyr.onion

P
- polkadot-mixer.to: scam
- Privcoin tr5ods7gfBea5itl.onion
- privcoin.io privcoin.io decided to close

S
- samourai-mixer.cc
- Securemixer.io: scam accusation
- smartbitmix.com
- smartcoinmix.com
- Smantmix.io: scam
- SmartMix.io:
- smartmixer.io: scam accusation
- Sudokuwallet.io Scam accusation

T
- tether-usdt-mixer.com
- the-crypto-mixer.com: scam
- theBitcoinmixer.org: scam
- tron-mixer.to: scam
- TumBler.to: closed

U
- UltraMixer.net: scam
- usdc-mixer-anonymous.com: scam
- usdt-tether-mixer.com: scam

V
- VirginBitcoins freshBowfjqvyrxm.onion

W
- wasabi-mixer.com
- WhaleMixer: scam accusation
- white-btc.com

[If your mixing service has been included in the above list and you feel you have been wrongly categorized please let us know]



Other tin foil hat ideas


It really depends on how far you want to go and who you are hiding from, however the following advice is for those who wear ‘tin foil hats’ and are really serious about hiding their online activity from everyone.

  1. Consider buying a laptop (with cash of course) from a garage sale!

  2. Uninstall Windows and use a more secure operating system e.g. Tails OS which can be download from here.

  3. Avoid using Wi-Fi at all costs!

  4. Use military grade encrpytion on your hard disk.

  5. Do not use crypto exchanges.

  6. Hold your crypto coins on cold wallets (offline) and backup your seed phrases on metal plates.

  7. Use 2FA (2 factor authenitcation) whenever you can.

  8. Keep yout anti-virus up to date - there is some clever crypto specific clipboard malware on the go.

  9. Never re-use the same public key more than once.

  10. Use a no-logs VPN as much as possible when interacting with the web/internet.

  11. Make use of the TOR browser (always use the latest version).

  12. Never buy a hardware wallet (e.g. Trezer or Ledger) from a marketplace (e.g. ebay or Amazon) - always buy direct from the manufacturer.

  13. Consider protecting your wallets with multi-signatures.

  14. Never use any wallet where you do not cotrol the private key(s). [i.e. use non-custodial wallets].

  15. Check bitcoin scam alert sites e.g. bitcoin abuse, Crypto Scam Db & Scam Alert.

  16. Watch out for keyloggers on your machine (most good anti virus programs will detect these)

  17. Make use of air-gapped computers - i.e. ones that are never connected to the internet.

  18. Oh yes, we almost forgot, wear a tin hat at all times : )













































Previous
Previous

Bitcoin Myth: Bitcoin is only used by criminals

Next
Next

Please don’t buy fake wallet.dat files !