sajolida, I agree with your changes so far. The reason for the specific explanation is that Electrum over Tor is extremely vulnerable to attack. If you read the article http://arxiv.org/pdf/1410.6079v2.pdf it only takes 2500 USD and publicly available information to have complete control over which Bitcoin blocks and transactions users are aware of. Would you still be interested in the additional documentation that I proposed? I wanted to add three subsections to the Electrum documentation focused on Tor DoS on SPV: 1. Explain block confirmations (temporary fix for Electrum displaying money that you actually do not have) 2. Explain watching-only wallets (temporary fix for Electrum not displaying money that you actually do have) 3. Explain a possible long term solution to this problem by using trusted Electrum servers accessed by a Tor hidden service (I might remove this point because I'm not sure if it is currently possible execute this solution since not many .onion Electrum servers exist and it is difficult to trust centralized services) I understand that you want to keep the documentation short and easy to understand, but Electrum over Tor using SPV has a serious vulnerability that needs a little more documentation to help users avoid the negative effects of DoS.
Cheers, Minoru _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
