user-guides: don't recommend remote nodes #2367
Conversation
✅ Deploy Preview for barolo-time-757cf9 ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
nahuhh
force-pushed
the
nodes
branch
5 times, most recently
from
92df44a
to
c04cfac
Compare
|
todo:
|
Pulled into my branch with +100k/-100k diff PR to be thrown into the memory hole when new site comes. OR if this is security sensitive i could make a specific PR for only this as its new. |
|
We should warn about there are nodes run by malicious actors which are setup solely for de-anonymizing people. |
|
They are on p2p as well, to help defeat dandelion |
|
Is this PR concept ok? (should i proceed with the final touches on the english page and image?) |
|
when we just simply say discouraged user may wonder why, its better to include the warning I stated above imo. the new screenshot is ok for this PR. new PR can be made for better quality. current screenshots look blurry to me. |
Added a warning |
|
|
||
| ## Configuring your wallet to connect to a custom public remote node | ||
| It is important to note that there are publicly advertised remote nodes which are run by malicious actors with the sole purpose of deanonymizing users. |
There was a problem hiding this comment.
"deanonymizing users" -> lets expand/clarify this.
| It is important to note that there are publicly advertised remote nodes which are run by malicious actors with the sole purpose of deanonymizing users. | |
| It is important to note that there are publicly advertised remote nodes which are run by malicious actors with the sole purpose of deanonymizing users/outputs by, for example: | |
| - Linking clearnet IP addresses to txid's. | |
| - Providing bogus decoys to determine which output is the real spend. | |
| - For more information see [YouTube - Breaking Monero Episode 07: Remote Nodes](https://www.youtube.com/watch?v=n6Bxp0k7Uqg) |
There was a problem hiding this comment.
Linking clearnet IP addresses to TX IDs
Providing bogus decoys to determine which output is the real spend -> determining the source of coins
can be better
There was a problem hiding this comment.
Linking
clearnetIP addresses to TX IDs
clearnet is fine imo, even if the reader glosses over it, they need to be introduced to such terminology, especially when Tor/I2p is mentioned later.
Providing bogus decoys to determine which output is the real spend -> determining the source of coins
This is a good change yes
should we mention only the goal (not the method)?
"Attempt to determine the source of coins"
Or hinting at both the method and goal:
"Bogus decoys are provided in an attempt to..^"
If we mention only the goal, users might be more inclined to click on the linked video.
There was a problem hiding this comment.
The original is accurate
There was a problem hiding this comment.
also for @clearnet https://www.getmonero.org/resources/moneropedia/clearnet.html
The remote node episode in the breaking monero series is important to share / introduce. stating only "deanon users" is vague / broad and is now the perfect learning opportunity.after grabbing the readers attention.
There was a problem hiding this comment.
At the very least, the youtube video needs to be linked to clarify the vague 'sole purpose of deanonymizing users' statement, readers will definitely want to know more about that.
There was a problem hiding this comment.
I added the playlist already,i think
Can we improve? which are in particular? the real spends / outputs point? |
No description provided.