On Tue, Aug 18, 2015 at 06:36:45PM -0700, Peter Todd via bitcoin-dev wrote:
> is false. However, in the common scenario of a firewalled node, where
> the operator has neglected to explicitly set -listen=0, the code does
> still download the Tor exit node list, revealing the true location of
> the node. This is contrary to the previous behavior of not revealing any
> IP information in that configuration.
> 
> FWIW Gregory Maxwell removed the last "call home" feature in pull-req
> #5161, by replacing the previous calls to getmyip.com-type services with
> a local peer request. Similarly the DNS seeds use the DNS protocol
> specifically to avoid leaking IP address information.
> 
> tl;dr: Yes, Bitcoin XT has a privacy problem with the automatic Tor exit
> node list download.

Oh, and I just checked, and Mike's original pull-req for the Tor
blacklist didn't include the proxy disable code; what's in master != the
pull-req, so the OP may have been looking at the wrong code by accident.
(I personally noticed this issue in the pull-req and didn't realise it
hadn't been merged into master w/o modifications)

https://github.com/mikehearn/bitcoinxt/commit/931a4d59a03c7e64d7d85ddfc07ae127533c7f28#diff-11780fa178b655146cb414161c635219R171

Kinda sloppy of Mike to be making changes in master that don't
correspond to the peer-reviewed pull-req code...

-- 
'peter'[:-1]@petertodd.org
00000000000000000402fe6fb9ad613c93e12bddfc6ec02a2bd92f002050594d