Bitcoin Forum
June 16, 2024, 01:18:15 PM *
News: Voting for pizza day contest
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 ... 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 [82] 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 »
1621  Economy / Reputation / Re: What if Theymos would Reset Reputation now? on: January 04, 2020, 04:41:01 AM
Imagine if Theymos would just reset everyone reputation...

From my perspective of having spent almost a quarter-century enamoured of the idea of cryptographic currency plus reputation systems that would enable pseudonymous economic activity, it is only natural that I think this is a terrible idea.  Actually, common sense and basic fairness say this is a terrible idea.

The people with good reputations would not work back up from zero:  They would have just seen that valuable reputations they had worked hard to achieve had been arbitrarily “reset”, for the purpose of appeasing those with bad reputations.  Well, no good deed goes unpunished.  What happened once, would surely happen again.  Therefore, if not patently irrational and/or masochistic, they would leave the forum.

Although there may be mistakes made here and there, it is undoubtable that most people with negative reputations have earned those reputations, too.  The forum would be left with those, plus newbies (i.e., fresh meat on a forum where everybody who’s not a newbie is a scammer).

Oh, joy!

(Dear readers, I apologize for having merely stated the obvious.  It is bad form.  Well, somebody had to.)


I'd be happy if the merits were reset as most of my early ones were to get used to the system.

That was your choice.  Do you care to explain why others’ choices should be erased because you regret yours?

(And before anybody suggests that having much merit disqualifies me from speaking about merit...)


All the 'dt fun talk' would be gone along with red and green trust   :o

Maybe Theymos can think of some better idea to stop and prevent 'more abuse dt wars'
It's not fun at all.

Well, I infer that was his purpose in neutering the effect of feedback, and essentially democratizing DT in a convoluted way.

My prediction as to the latter is that it will destroy the trust system.  In the long term, it will put DT under control of those who optimize for gaining control of DT by any means necessary, and devote unbounded time and effort to doing so.  That is a bad criterion.  As for cleaning up these sordid threads, it will backfire and will escalate, not quash the perpetual DT wars:  Demagogues, agitprop, and “negative campaign ads” thrive in such a system.

Not all of this will be obvious when the system is new, because old DT members started with an incumbent’s advantage; but given enough time, the rot will set in and take over.  And tinkering with the DT selection algorithm will not help much; such as system as DT is a social problem, not amenable to such technological solutions without a human element that actually works.

Something analogous happened in American history.  The revolutionary American founders were not titular nobility; but most were of the gentry, a high social class that was almost nobility.  Compare long-established forum members who were at some point selected for DT1 (however imperfect the selective process may have been in both cases).  For the first few decades of their new system, the most important elected positions were almost all filled from that class.  Then rose “political machines” with gangsters, party politics in the worst modern sense, special-interest groups, etc.  They sometimes used outright ballot-stuffing and fraud; similarly, we have circles of alts to Sibyl the system.  Otherwise, they are just expert manipulators of mass opinion (n.b., “confidence men” are so-called because they specialize in luring people to unwisely trust them).  Well, now just look at ’em!

So as for my prediction of unintended consequences.  Intelligent people may argue over this.  The future will show who’s right.

What is not intelligently arguable, or even sensible, is the notion that depriving good people of good reputations, and relieving bad people of bad reputations, would achieve anything but to destroy the community in an instant.  Cui bono?
1622  Economy / Service Discussion / Re: Why I am temporarily wearing an unpaid, unsolicited Chipmixer signature ad on: January 04, 2020, 04:19:20 AM
Such attitudes and beliefs are increasingly common nowadays
This is the most concerning part of this drama. People (generally speaking) have always been lackadaisical when it comes to their privacy.

[...]

It is doubly concerning to see these kinds of attitudes becoming more commonplace on a forum which is supposed to be united in our combined desire not to trust third parties.

Only two years ago, it seemed to me that most of the “we need KYC because of money laundering” propaganda was being parroted by the types who pad their activity counts with mindless drivel in megathreads.  Now, it seems to be all over the forum—and elsewhere in places where one may expect an understanding of privacy issues.

For the most ironic of countless petty examples that I have recently seen all over the Internet, observe how a a technical discussion on tor.stackexchange was cut short with extreme rudeness (archived):


I was shocked to see that from someone who evidently has deep technical knowledge about onions.  Turning the sarcasm up past (9/)11, I must remark, it seems the attitude is:  “Here, I thought you must be building some nice kidporn site or drug market.  Now that I know you are building a Bitcoin ‘mixer’, you are beneath contempt!”  Does an apparent expert in Tor onions not realize that all tools can be abused, but good people need them for good purposes?

I certainly do not want to reflect badly on Tor here, based on the rude and thoughtless comment by some arbitrary Stack Exchange user.  The Tor Project itself is proud that “Tor secures cryptocurrency networks!”  And the Tor Blog recently published as a guest opinion the single best short essay on financial privacy that I have recently read.  Print that one out, and hang it on your wall!  As I stated in OP here, I had long ago reached its same conclusion that Lightning Network is the future of financial privacy:

Quote from: Alex Gladstein (2019-12-18)
The caveat is that this [Bitcoin privacy] is essentially an expert-level task at the moment.  Strategies like running a full Bitcoin node over Tor, using cutting-edge mixers, and avoiding centralized exchanges that enforce KYC “Know Your Customer” regulations are out of reach for the average Bitcoin user.  But the blueprint exists for making daily payments for the average person private using Bitcoin as a foundational technology.

One way to do this may be through the Lightning Network...  Lightning could very well be the scaling solution for Bitcoin, with the extra benefit that it can transform Bitcoin’s pseudonymous payment structure into something that’s virtually anonymous.  Lightning is nascent today, and needs a lot of work.  But the building blocks are there for you to be able to, within a year or two, use it to make the equivalent of cash transactions in the digital world....

Using digital cash is one way to take back the internet and protect what privacy we have.  The Tor and Bitcoin communities can make for powerful allies in this effort.


Well, sure, but i think that the point is that that's impossible. Let's suppose an auditor checks Chipmixer's infrastructure- and then gives "the green light"; Chipmixer could, if they wanted to, simply change some of the source code. Any of the current mixers could.

Thanks for making this post much shorter!  I can only add that if I were Chipmixer, I would not get such an audit.  I would not want to risk granting the auditor (perforce an outsider) high-level access to my systems for no useful purpose; and I would not want to give my customers a false sense of security by “proving” the impossible.  I respect Chipmixer more because they don’t seem to be the types to claim that they can prove such a thing.



Boldface added on some particularly important points that I fully agree with:

This is still a scenario which one -- who takes his privacy *extremely serious* --  should consider. We have yet to see any proof Chipmixer isn't a honeypot per se either (Though- it'd be pretty much impossible to prove or disprove anyway-).

This is the biggest thing here, there's really no way to confirm this and even people that promote ChipMixer for money will say so. I wouldn't be surprised if the people at ChipMixer came out and said that too -- because it's true. We all put our blind trust and faith into ChipMixer without really knowing how much of it works, and how it's going to be helping us.

I should reiterate a theme of my OP:  I am walking a fine line in so far as I don’t want to FUD Chipmixer, but I need to examine this issue honestly.

It is a service that I want to like.  It is the only centralized, trusted mixer that I want to like.  Their signature ads specifically speak to privacy.  Their FAQ quotes Dr. Adam Back to answer the question, “Fungibility?  Why would I care?”  Oh yes, I want to like them!

They may well be real privacy advocates running an excellent, trustworthy service.  If so, they are also providing an ancillary benefit to society:  Their ads promote the idea of privacy at a time when society is moving in the opposite direction.  This is why I was outraged to see them and their advertisers smeared as “evil”.

I hope that’s what they are...

Not going to spend too much time on discussing chipmixer since my opinion might and it's probably biased but I doubt the honeypot scenario, you don't run a honeypot for two years, on Hansa they run the site for just a month and the amounts involved are on totally different levels.
But, who knows...

If Crypto AG could sell NSA-backdoored security products for governments and militaries for five decades, then I would not make such inferences.  Though of course that was the NSA, not a garden-variety police sting; and if Chipmixer is a honeypot, they certainly provide one of the best, most competently-run honeypots on the Internet today!

I further observe that Chipmixer’s overt attitude is not of the kind used to attract the criminal element; there is a sort of “darknet” cant seen on some sites, thinly-veiled hints that we will help you get away with it, which is completely absent from Chipmixer.  They “smell” clean.  They speak the language that speaks to you and me; and they pour what must be a fantastic advertising budget into the Bitcoin Forum, which is a good place to attract non-criminals.

This suggests that if they are a honeypot, they are probably an intel operation targeting smart people, not a police sting targeting the kinds of people for whom “opsec” means getting a post office box for receiving bulk quantities of felonious contraband from anonymous persons you met on the darknets.*

Or else, they are hardcore privacy advocates who know that most people will use a centralized mixer, so they should provide a good one.  I said, I want to like them...

(* Not that all Internet drug dealers are so stupid, but many of them are!  The example hereby given is based on a real-life case that I read about a few years ago:  Somebody decided to get rich dealing drugs on DNM, and therefore bought drugs wholesale by the kilo from DNM.  Shipped to his post office box—where he picked them up personally—thus where the police picked him up in a controlled delivery.  This leads me to wonder, why do we need mass surveillance?  The cops have their hands full with dopes who are practically begging to be caught.)


...if the day comes where there was ever a major breach or major scam which resulted in losses for either the mixer or the end user then it might be the catalyst to...

To be clear, there are two separate trust issues:  Trusting the mixer to not steal your coins, and trusting the mixer to not violate your privacy while pretending to protect it.  I have been discussing only the latter.  The former is an important issue; but if it were the only issue, I would be comfortable saying that I trust Chipmixer based on their established reputation.

Note that there have been major scams with mixers, including selective scamming and exit scams.  That never deterred the use of mixers generally; and it did not:

kick start an overhaul of how mixers work.

That effort started long ago, with practical implementations you can use today—plus too much related research to sum up in a few handy links.  Bitcoin privacy is a big topic.  And in the future, as I said, I think that this whole discussion will be made obsolete.

What a mixer site most provides is convenience and accessibility.  You send them coins; you get back other coins; and you hope that they did not retain any data connecting these coins to those coins.  It is simple for the user, though a well-run mixing site will have much complexity behind the scenes.  Chipmixer does a good job of that:  The site is a pleasure to use, and easy enough for anybody.
1623  Economy / Reputation / Re: Plagiarism apologist #92110 “cryptohunter” rationalized dishonesty in principle on: January 04, 2020, 01:48:05 AM
johhnyUA:  Off-topic, but thanks for suggesting this:
https://web.archive.org/web/20200104000755/https://bitcointalk.org/index.php?topic=1159946.420



By way of general preface to my replies, I think that I should better explain what I am trying to do, in terms that are not so abstract.

Imagine that somebody made the following nonsensical argument in defence of a scammer who was caught red-handed:

Quote from: hypothetical
Scamming is a human right!  There is nothing wrong with lying to people and ripping them off.  Those who try to stop scammers are oppressing their right to redistribute wealth to themselves, a charitable end which justifies any means whatsoever.

Would you ever engage in a financial transaction with that person?  I doubt it.

You would not only distrust “hypothetical’s” judgment about trust in others:  You would distrust “hypothetical”, period.

That hypothetical is intentionally extreme.  I think that “cryptohunter” did a lesser, subtler, and less-obvious version of the same thing.  He admitted that plagiarists should be banned, but demanded that people stop being so terribly mean to them.  He said that some plagiarists have “semi legit reasons” (!), and he was clearly in sympathy with those who did this because they are (actually or allegedly) poor.  Without saying so outright, he made it seem that the plagiarists were somehow victims.

Because I evaluate people, not mere actions, my gut reaction was, “He is making excuses for dishonesty; what does that say about him?”  I mean that as a practical question, not only the theory of whether he is a good or bad person.



In real life, most liars and scammers are not psychopathic evil geniuses who honestly say to themselves, “I want to rip people off, and I think that’s cool:  I am a predator who eats human flesh, an economic Hannibal Lechter; I drink the sweat and blood of people who have worked hard for their money, and I love myself all the more for it!”  Some are; and those are usually too busy holding political office to post on the Bitcoin Forum, or else they work for banks or law firms.  The ones in Bitcoin would be hacking exchanges or pulling huge scams for hundreds of BTC or more, not swindling newbies for sats.  That’s not because they are so great, but rather, because they are comfortable with criminality:  They can plan it in advance, eyes open, with coldly rational calculation of risk and reward, and set long-term criminal goals that are not ridiculously pathetic.

Most of the others are only weak wretches who choose the path of least resistance, all along making excuses—first, excuses to themselves.  It starts small, from the ease of excusing something a little bit wrong, and then grows into a habit, with excuses growing commensurately.  Nobody starts out by declaring, “My highest aspiration in life is to become a career forum scammer!” or, “Plagiarizing texts to pad my post count is my awe-inspiring skill that will make me rich and powerful!”

Incidentally, this is why bingo-card ridicule is so effective.  It is much harder to hurt the feelings of a blackhat who pwns Equifax—or of people accustomed to being called “Mr. President” (though this post may theoretically do the latter, nf V bapr qvq sbe fbzr onax rkrphgvirf jub znqr zr ovt gebhoyr).

(Of course, the foregoing dichotomy is a simplified generalization that does not cover all possible roads to perdition.  There are other ways; for example, a review of the downfall of the forum’s most-untrusted active user would be interesting, but offtopic on this thread.)



Protip:  Everybody has it tough in life—some more, some less.  Everybody sometimes faces pressure and a choice between the hard way, and the easy way out.  The type of person who excuses dishonesty on the basis of neediness may find himself in an opportune situation to rip someone off, and maybe he himself feels some desperate need at the moment, and then—well, then, you do not want to be the one trading with that person.

As for him, he will never admit to himself that he’s just another scammer:  He had an excuse, or at least a “semi legit reason”.  It would be cruel if someone were to ridicule him with an excuse bingo game, for that would honestly declare to him who and what he really is.  How could he look at himself in the mirror then?  You mean bully, won’t you please think of his self-esteem?

As I said, I would not trust “cryptohunter” with even a millisatoshi.  That’s a judgment that he himself is untrustworthy...

The course of action that you should be taking is ~ them from your trust list as you don't trust their judgement.

...not only that I don’t trust his judgment about the trustworthiness of others.


I actually asked theymos to give input on this, but he may or may not. Smiley

Thanks.  But isn’t this the very reason why he created the flag system?  I didn’t flag #92110:  I saw the new flags, didn’t see any explicit criteria that met this situation, and left an old-fashioned negative feedback.

Unfortunately, since feedbacks have been neutered, this will do little to protect newbies who do not know how to investigate through the trust system.  But that is a different topic.

In OP, I referred to trust feedback as a sort of “common law”.  It uses have been decided and adapted by precedents set in reaction to different types of untrustworthy behaviour.  For an example that I myself experienced, two years ago, when the merit system was introduced, scammers and spammers immediately started feeding merit to their alts.  People started red-tagging them; and it became a regular practice, widely accepted on grounds that it was necessary to protect the the integrity of the merit system.  If theymos ever made a statement specifically about issuing negative trust feedback for merit abuse, I must have missed it.  (Granted, I may have done just that.)

As such, I wanted to see people’s reactions—not as any sort of vote, but more to assess baseline acceptability by the forum community.  Thus far, reactions are a mixed bag:  Some approval, some idiocy that I can safely disregard, and some disapproval...

Is it supposed to be a big deal or something?

It seems nobody really cares too much other than to say it is a pretty shitty tag and a pathetic choice of a target..

...case in point.

I see no evidence that the sky is falling, or that I accidentally broke the trust system.

(It is an interesting question, but offtopic here, whether the trust system was broken by placing DT under long-term control of mob-rule, and thus demagogues, alt-armies, and people with infinite free time to figure out new ways to game the system.)

Steamtyme raised a concern that is not invalid per se, but it is not something I care much about:

Actions such as this are honestly only emboldening the individuals who feel on the outs, or that having opinions are why they are targeted. They then use these instances as a lightning rod to others, and they aren't wrong when they get handed these gifts that "prove" their opinions on the system to be right.

Aren’t such individuals bold anyway, without “emboldening”?  I see no shortage of prolific new topics by people playing the victim because they got their hands caught in the cookie jar.  Moreover, I myself do not customarily give a tinker’s damn about the bluster of such people.  They will make noise; and if you fear the noise they make, then they will make worse noise.

I don’t see any other criticisms warranting a response more specific than:  I will agree to disagree.



Note to self:  In the future, on self-moderated threads, add an explicit note that posts quoting a whole post will be deleted.  I don’t want to censor hostility toward me in a reputational discussion, so I will not delete this one.  But please, for the sake of readers, have some forum etiquette!

1. noobious does not have a miilisatoshi so it matters little to cryptohunter we are sure

You expect for that to make a Bitcoin privacy advocate reveal some juicy evidence of his money?  LOL.

Nice to put this fucktard in our sights though and see his true colors. Look forward to plenty of public destruction scumbag. Fancy words and " sounding smart" won't stop us pulling you apart in debate.

Look forward to your own thread.

Writing skills would help.  Graded F.  Try harder.


And wow, nullius is back!  My attention span doesn't allow me to read everything he writes, but it's cool that he returned.

Thanks.

I don't know if TECSHARE is right that he's an alt of someone, but who knows.

I will mathematically prove how this works.  Given:

  • nullius = Lauda (Source: forum somebody said so)
  • nullius = Satoshi (Source: forum somebody said so)
  • Craight Wright = Satoshi (Source: Craight Wright)

n = l, n = s, cw = s
∴ l = cw

Lauda is Craig Wright!  Q.E.D.
1624  Economy / Reputation / 2020-01-03 key update for nullius #976210 on: January 04, 2020, 12:07:14 AM
[Edit: Archived.]

Proof that I can still sign with my key:

Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

2020-01-03:  I am nullius.

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSNOMR84IlYpr/EF5vEJ5MVn575SQUCXg/T3QAKCRDEJ5MVn575
SdJkAP4z0j0bAGimZrglGP0TgxRY68qYUJkJHCtrMeI65WiVHAD/VNAEr4E34ecx
J8NnMmZ0y9wzEgSWf+z98NJ1EGooXwQ=
=a60O
-----END PGP SIGNATURE-----

My below modification of subkeys/userids proves that I still control the certification-only primary key.  I have mentioned before somewhere, the primary key is exclusively kept on an airgap machine.  (man gpg, look for --export-secret-subkeys)

I dislike distributing my key this way, especially since I intend to soon do more key maintenance.  However, with the keyserver network permanently b0rked, this seems to be the best available means for me to distribute to the forum all of my userids (including those with no mail), revocations of userids for mailboxes that no longer exist, and so forth.  The most useful parts of the key are on keys.openpgp.org, as linked in my signature.

Here is my refreshed key with some userids revoked, and a new expiration for the encryption subkey:

Code:
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEWNCx5RYJKwYBBAHaRw8BAQdAbYq4lHj3xqG+Lu5/y/YuPNBGtvFlHolTGdys
1JWnWAu0Gk51bGxpdXMgPG51bGxpdXNAbnltLnpvbmU+iJEEExYKADkCGwEDCwkN
BRUKCQgLBRYCAwEAAh4BAheAFiEEwukc10pMV6EF9sIbWgBZGy8wfgwFAljbU+IC
GQEACgkQWgBZGy8wfgwJswD9GX9sAFccqAcarTv03qJFc6RCTmeE6oh3pdH0IuzI
paUBAJ3MSUInQr1f6Ds97GS02K4wVWfRIgLAtqyE1LBzFtgHiQI3BBABCgAhFiEE
ojJ1BmTMOdYc5dYVNuu0q2maEO4FAlqxJZoDBQJ4AAoJEDbrtKtpmhDuMi0QANav
Fuj5RW1ahrfcJgB/YLIPHB4al2Uj8cGhMCRZ1GJ9JfVuHtDn9YcfiQmitamxdRFk
f453rXK5SnA/M7+Aykh0arke2/qBPxOJiQ1AnPq5NC/nkqAOi07r11TpCmFctu3E
HBYpDU1J61+TZsMi5AeqwRrnwmXqDelPFCWs7x6Qf5mKYcir6kpC9vEayCHvaF7p
IAbc1m1bO5sjnj1eBQjSJNQHK3H3qpztN5g46FxIePrX2V+aGYinpB1r8mHGUAX2
7RfJ1emI5ysFdds7yAFt6j6z4Fu28ERLoyR3Ui12Mg4/E5TeZyxD8RQB2hYwiBfo
uWTu+FDNUN4Cp3IGrqHcNfFydnnpqCXuS7/Otz7JKTYTH2qpJnzekl46xnxU+5f2
9BV9C7++FRpP04OHNLvH5TNol2tRDfp+11sTxE0/3mVHZ+T1ZcegdpGUnQDq1AfC
7aNgiNudiU7sBTWEhYLHqn1J+hVoSR76ri+pPVmqJkCuE358pLjHZ8gusXQAQCyc
4P89sQM8bNMrm4cJpwomB+K8XWCzlgdHDCspMqxFhnHvICAlljE8HihR26QbbV8Z
IJCGldjSlpFOmSfRjkIQJsI1uFQ95G6T9VckuoA/WEF8GsDI96nWUQdNzubYj9TZ
K5OHbUJFL8vJyZwwFjgN9QosV774GMdkXGGSbhe6tENOdWxsaXVzIChUTFMtZW5m
b3JjZWQgbWFpbDsgdXNlIHRoaXMhKSA8bnVsbGl1c0BzZWN1cmUubWFpbGJveC5v
cmc+iK4EMBYKAFYWIQTC6RzXSkxXoQX2whtaAFkbLzB+DAUCXg/MADgdIG1haWxi
b3gub3JnIHN0b3BwZWQgYWNjZXB0aW5nIEJpdGNvaW47IGFjY291bnQgY2xvc2Vk
LgAKCRBaAFkbLzB+DM5EAP47xMioRUVvVWUT1FboeTiwGzqt15OrSdv8mLMDSoFt
YAEAwtL3Sea7Bc1o8KSThdx2LuI32dy+/BinymZ7Oj7LGgSIjgQTFgoANgIbAQML
CQ0FFQoJCAsFFgIDAQACHgECF4AWIQTC6RzXSkxXoQX2whtaAFkbLzB+DAUCWNtT
4gAKCRBaAFkbLzB+DIqCAQCrXIwb5801w3oIXMcI6/UVvK93QJ8+/TRec2HGId+g
zAEAr0n0yuzFqbKQg2yXBGZLfmBBdBLy8vWk0KtsrLPIYAy0HU51bGxpdXMgPG51
bGxpdXNAbWFpbGJveC5vcmc+iK4EMBYKAFYWIQTC6RzXSkxXoQX2whtaAFkbLzB+
DAUCXg/MIzgdIG1haWxib3gub3JnIHN0b3BwZWQgYWNjZXB0aW5nIEJpdGNvaW47
IGFjY291bnQgY2xvc2VkLgAKCRBaAFkbLzB+DL1kAQDS7xuKficcslnB4HeLDOTa
2XQe3RSA6JyyApVQIoNZygD/XuAg6qizuuHyZ2El8vNVo1GBglzBtgKZQ4s9Ll+R
+AGIjgQTFgoANhYhBMLpHNdKTFehBfbCG1oAWRsvMH4MBQJY21OdAhsBAwsJDQUV
CgkICwUWAgMBAAIeAQIXgAAKCRBaAFkbLzB+DISSAP9ok7iHIuvIZBTcaFaTxPCq
0SjbHm6oQX7QG5P4dsDDxgD/cgVCfYPsACT3k4TkwddBPzWUirKRaNclfPGGG837
5gS0H251bGxpdXMgPG51bGxpdXNAYml0Y3VsdC5mYWl0aD6IjgQTFgoANhYhBMLp
HNdKTFehBfbCG1oAWRsvMH4MBQJasSRWAhsBAwsJDQUVCgkICwUWAgMBAAIeAQIX
gAAKCRBaAFkbLzB+DO1vAP9zhPQOqfdhw0P6Ea64cBMjE2bL3FOmoVQsAkGsrTqt
hAEAiyJ+6XKKV7P1dkTLx08P7wpwQM94CJKsaPMJXsG7uQW0M0JpdGNvaW4gRm9y
dW0gdWlkIDk3NjIxMCAoaHR0cHM6Ly9iaXRjb2ludGFsay5vcmcvKYiOBBMWCgA2
FiEEwukc10pMV6EF9sIbWgBZGy8wfgwFAlqxJLICGwEDCwkNBRUKCQgLBRYCAwEA
Ah4BAheAAAoJEFoAWRsvMH4MwT0BANIE/0JssDpB0qKdTCyo8bmr1Ch4uSuDoPTq
Pxa1HatxAQCSeK3enHwkFyxia/cCpb3+hfEbuS+/JadaBvgKxb82BbgzBFjQseUW
CSsGAQQB2kcPAQEHQCbPsq7uabzPS60W89XkGkDKJyuz9rF6RNjqHbIls3G2iO8E
GBYKACAWIQTC6RzXSkxXoQX2whtaAFkbLzB+DAUCWNCx5QIbAgCBCRBaAFkbLzB+
DHYgBBkWCgAdFiEEjTjEfOCJWKa/xBebxCeTFZ+e+UkFAljQseUACgkQxCeTFZ+e
+UmX/AD/Wi4k1gJEVb3FCnHsxUPfFLDS3aOcmpTNPeqQMVTh3ZoA/1blIhhrENvT
qydnVnQ4inP3n4dWkDaVtbR8W0DjfGsHapMBAPqTAt8zDpzl0UOAHlxRlhgNpDDw
7CkMkf2eX0DtRmh6AP0diPXIcb4oHYtv2gmKAZQd+dtjQ/2F7tM4BwjkjlMeArg4
BFjbUIwSCisGAQQBl1UBBQEBB0BDDMv3gd+9/0otZJwJqeBt1+BQLCpDfCoEZsWv
1BQKPAMBCAeIfgQYFgoAJgIbDBYhBMLpHNdKTFehBfbCG1oAWRsvMH4MBQJeD8uf
BQkFpdwTAAoJEFoAWRsvMH4MGogBAMwqREnDIi9E5Lzj1gaj+kdeh3y5RQITIELi
jRK/h0I4AP97BOZiUgVUxPXm/CoyTMQ9WHTFYwbs0ccYoZ1DULYUALgzBFjbUOIW
CSsGAQQB2kcPAQEHQAnpQKP+nMivdbqH4Gak1mrDj+SeAJ+XjQ5VUzor8MX7iH4E
GBYKACYWIQTC6RzXSkxXoQX2whtaAFkbLzB+DAUCWNtQ4gIbIAUJA8JnAAAKCRBa
AFkbLzB+DPloAQCBFf1Yfeg//7t0fLII+ciyWYI9mbwlSZC/XCK5fUwXlAEAv3IE
qIll434KAG33e2Z6kQ4xNYa4b74oG0dO1hm2lgw=
=Xmf+
-----END PGP PUBLIC KEY BLOCK-----
1625  Economy / Service Discussion / Why I am temporarily wearing an unpaid, unsolicited Chipmixer signature ad on: January 02, 2020, 03:43:42 AM
Life experience shows true the age-old principle that people who add gratuitous moralizing to their names are usually covering for their own defects.  For example, if you see a user who calls himself “Honest Trader”, then you may presume that he is a scammer:  Methinks he doth protest too much.

For another example, the self-styled “No HATE” drips acid hate for privacy beneath a transparent veil of mealy-mouthed, nicey-nice “sorry” and “no offense” and other sickeningly saccharine platitudes:

IMO, Mixers are the most evil in crypto because they use for money laundering and those who wear a signature supported that shady activity of them.
Why wear chipmixer? Because they paid you a decent rate, up to BTC0.0375 a week is big enough, big enough for the members to sell their souls and criticize others, sorry if I make that as an example because I notice that most of the critics are from that campaign, sorry again if I'm wrong.

No offense, this is only my opinion and I always like to see fairness in the forum, besides those investors are not kids, they know the risk when investing.

STOP THE HATE, LOVE ONE ANOTHER BECAUSE IT'S CHRISTMAS.

Boldface and red colouring are in the original.  This is stated in response to negative trust-tagging of users wearing a Yobit advertisement that makes impossible financial promises, i.e., a scam.  Of course, “No HATE” does not pause to consider the possibility that the persons who wear Chipmixer ads tend to be honest, and are thus motivated by a desire to alert others to scams.

Now, observe “No HATE’s” premise:  If you want to unlink your financial transactions on an immutable global public ledger, then you must be doing “shady activity”, your privacy tools are “evil”, and people who promote those tools thereby “sell their souls” to the devil of so-called “money laundering”.

(The whole concept of so-called “money laundering” is perverse in principle, twisted in practice, and misunderstood by most people who bandy the phrase about; but that is another matter.)

Having seen one sick tree, step back and observe the forest.  Such attitudes and beliefs are increasingly common nowadays; and by no coincidence, they are becoming more common as governments worldwide work overtime to destroy financial privacy.  Chainsaw needed:  If nobody stands up against this trend, then the trend will continue until all financial privacy is destroyed.



For my part, I cannot tolerate the above-quoted smear of Chipmixer and its signature advertisers—much less the widespread promotion of the underlying hatred of privacy.  Thus in protest, despite the misgivings stated below, I will now spend an as-yet undetermined time carrying an unpaid, unsolicited advertisement for Chipmixer.

I have not spoken to anyone at the Chipmixer campaign before doing this; my actions hereby are completely unilateral—and indeed, I don’t even qualify for the Chipmixer campaign.  My ad is admittedly not as slick as the official one; I may try to improve its aesthetics a bit.

This is an act of solidarity.  In the past, I have spoken to well-known Chipmixer signature advertisers who told me, in essence, the following list of their reasons for wearing Chipmixer:

  • It’s good money.  By such means, they can afford to spend endless hours making this forum a better place, as opposed to spending those hours on some other job.  (There is nothing wrong with the pay rate being a criterion, as long as it’s not the only criterion, and not decisive in itself.  Also, observe that this motivation is the inverse of the sig-spammer:  They want to get paid so that they can spend more time on the forum; they’re not coming to the forum so that they can get paid.)
  • Advertising Chipmixer, a reputable privacy service, is more ethical than advertising the scams pitched by many other campaigns, which they found grossly unacceptable.  In particular, they recoiled in horror at the idea of pumping ICOs (which were all the rage when I had these private discussions).  I infer that they would have flatly refused to advertise Yobit “earn 10% daily, 100% safe” scams at any price.  This directly contradicts “No HATE’s” accusation that they “sell their souls”.
  • A related weaker form of the preceding item:  The Chipmixer campaign is one of the most selective campaigns on the forum.  It is quite difficult to get in; you can’t just be some idiot who spams illiterate, nonsensical shitposts as a desperate money-grab.  Chipmixer sig spam posts are thus practically nonexistent, despite their high posting requirements:  They offer relatively large payments, but they only offer those payments to people who have a long-demonstrated record of prolific, high-quality forum activity.  They get what they pay for—and thus, on the other side of the coin, they offer the person accepting the ad a way to sell your signature without looking spammy.  For elite users with sterling reputations, this is a major concern.

I think that’s fine.  But for my part, I must consider these factors of my own:

  • I generally dislike signature ads.  I may take one someday; but I would prefer to avoid it.  I do recognize that signature ads make it possible for many of the forum’s best regulars to spend fantastic amounts of time and effort here; and really, I could use the money, too.  Well, thus far, I just have not been able to get past my personal feelings on the matter.
  • Although I have nothing against productive, profitable businesses—to the contrary!—it is childishly foolish to behave altruistically toward a business so wealthy and successful that it evidently has a stratospheric advertising budget.  If I am to advertise their services, thus increasing their wealth, then it is only fair that I should get paid.  Well—I will make my point, then change my signature to something else.
  • By design, Chipmixer is a privacy service that you must trust with your privacy.  I strongly dislike that, and cannot endorse it.  On this point, the best that I can say for Chipmixer is that my dislike applies more or less equally to all mixer sites (excluding trustless services such as JoinMarket, which are not “mixers” in the usual sense); and I probably dislike them the least.  I do commend some of Chipmixer’s efforts to improve privacy on the forum; whether that indicates anything useful for trusting the privacy of Chipmixer’s mixing service is a difficult question, and one for which I have no immediate answer.
  • Chipmixer does not implement Segwit.  As an external observer, I infer that it must be because they started when Segwit activation was still tied up in politics; and their innovative design requires them to keep what must be a terrifically large inventory of pre-made “chips” (i.e., UTXOs of various sizes) to distribute.  For privacy reasons, slowly rolling over the inventory of chips may be out of the question:  That would partition the unlinkability set between those who received non-Segwit chips, and those who received Segwit chips.  But rolling over the inventory instantaneously may be financially prohibitive; and that would not avoid a partition, although it would minimize the partition’s effects.  At least, this is my hypothesis based on blackbox observation of how the service works.  I have not spoken to anybody who may actually know.

If you want to use a trusted mixer, Chipmixer is probably the best option.  They are innovative.  By all accounts, they are very reliable.  I myself have sometimes used their services (with coins already anonymized by other means that do not require trust), and I generally avoid trusted mixer sites like plague.



Compare the situation with Tor versus VPN.  Tor is designed to minimize trust generally, and to eliminate the need to trust any node in particular.  If a circuit passes through a node that logs all data, the node still can’t see both endpoints.  With a VPN, you need to trust that the VPN provider is not logging all your Internet activity—as many of them do, all promises to the contrary notwithstanding.

If you want to just send coins to a mixer site, cross your fingers, and hope that it’s not a honeypot logging the links between inputs and outputs, then I suggest that you click the links in my signature and try Chipmixer.  Chipmixer is convenient, and it unlinks your transactions on the public blockchain.  Javascript is not required.

If you want trustless privacy, that is a complicated subject beyond the scope of this topic.  The best I can say here is that as Lightning grows, it will render all these questions obsolete for most use cases:  Blockchain spies can’t trace transactions that never touch the blockchain!
1626  Economy / Reputation / Re: Plagiarism apologist #92110 “cryptohunter” rationalized dishonesty in principle on: January 02, 2020, 01:11:52 AM
You came back for cryptohunter?

No; check post history.

I think plagiarizers, scammers, and many types of criminals should be shamed too, but you know, it seems that about half the world out there are apologists for criminals and blame it on poverty, just about every time a black guy gets shot by the cops..

Moreover, shame has been turned on its head:  If you shame bad people, you will be shamed.  I observed that “cryptohunter” did this to The Pharmacist.  You yourself should prepare to be shamed for what I just quoted, not despite, but because of it being a simple, lucid observation about the world in which we live.

The trick only works, because the people who should have the moral high ground are ipso facto those who are capable of feeling ashamed.  The ones shaming them are shameless, and highly manipulative.  You did not actually say anything wrong; but if you are sneered at and jeered at with unlimited hostility in a way that plays on your emotions, guilts you for being unsympathetic, slaps you with meaningless labels, impugns your motivations in a hundred ways, etc., then it could get to you.  Conveniently, the shameless will not feel ashamed of doing this to you.

Compare what “cryptohunter” did in the linked thread:  He portrayed a bingo game that ridiculed plagiarists’ flimsy excuses as if it were some sort of cruel injustice against poor, desperate people who are just so... so... needy.  Objectively, it is just the brand of dangerous stupidity that may persuade people who don’t think it through.  Subjectively, in my case, this peculiarly outraged me because I have experience with being poor.  As in, “imperiled for my short-term physical survival due to a decidedly painful lack of food and shelter” level poor.  Poor enough to be able to attest the maddening effects of chronic hunger (and resulting long-term detriment to the body).  I did not scam people, or spew plagiarized posts on the Bitcoin Forum.  “cryptohunter” implies that if I had, others should have been somehow sympathetic; and that offends me by degrading my dignity.  Surely, in today’s society, in the Year 2020, I am entitled to me-centred outrage based on being personally offended!

I'm glad you distrust these people.. I do too to an extent.. Poor judgement.. But I don't think I'd hand out negative ratings to every user who has ever blamed crime on poverty, or I bet you could go to the P&S section and gather a sizable list..

True enough.  But, (a) “cryptohunter” did not merely blame crime on poverty.  He went beyond that in ways that showed a high tolerance for dishonesty, even a sympathy for it, per what I stated above.  (b) One must start somewhere; otherwise, nothing will ever change.


Tell me, exactly how you delineate the difference between opinions that are inexcusable, and opinions that are simply in opposition?

I expounded on this.  Was it TL;DR for you?

By contrast, what I hereby consider is an opinion that directly, unavoidably, substantively demonstrates the untrustworthiness of he who expresses it.  Is it untrustworthy behaviour to demand that scammy, dishonest people should not be shamed?  I say, yes!


I get the very distinct impression that this is a sock puppet for another well known little girl here...

Stop trying to prove that Lauda is Craig Wright.  It is defamatory.
1627  Economy / Reputation / Plagiarism apologist #92110 “cryptohunter” rationalized dishonesty in principle on: January 01, 2020, 10:29:38 PM
I did not intend for the following to be a post.  It started as a simple observation on the trustworthiness of a user, then grew into an opinion that I think should set precedent in what is effectually the Bitcoin Forum’s common law on use the trust system.

In that light, I must emphasize the narrowness this opinion.  I think it would be a massively destructive abuse of the trust system to use it to, say, punish people for their political opinions.  The trust system is in effect an economic weapon; and the use of economic weapons to enforce groupthink is odious.  E.g., nowadays, there are places where you can be fired from your job for using the correct pronouns, or making simple, factual observations about reality—let alone expressing the “wrong” opinions.

In the general case, if I see on this forum an opinion that I think is wrong, even horribly wrong, my reaction is either to say why it’s wrong, or to ignore it as garbage.  I may sometimes personally avoid transacting with people I disagree with, in the manner of a quiet boycott; but there are even many people on this forum whose opinions I find disagreeable, with whom I would have no qualms about transacting financially.

By contrast, what I hereby consider is an opinion that directly, unavoidably, substantively demonstrates the untrustworthiness of he who expresses it.  Is it untrustworthy behaviour to demand that scammy, dishonest people should not be shamed?  I say, yes!

It would be interesting to see some intelligent analysis and critique.  I admit it’s arguable whether this is a good idea, for I am walking a thin, dangerous line.  However, I sincerely, unarguably, and unalterably distrust this user, for the reasons stated below; and what is the purpose of the trust system, if it is not for expressing a well-founded distrust so as to warn others?

[The following is what I intended to use as a trust comment.  It invoked an error:  “Comment too long.  Create a topic and link to it instead.  A draft was saved.”  In my actual trust rating, it will be replaced with a link to this topic.]

Quote from: nullius

In the linked post and subsequent posts on the same thread, #92110 “cryptohunter” rationalized and morally minimized plagiarism.  He did this with no apparent direct self-interest; judging only by the thread on its face, he appears to have done this to protect plagiarists from shame *as a matter of principle*.  #92110 admits that plagiarists “need to be banned”, but vehemently objects to shaming them with ridicule.  For the purpose of judging trustworthiness, all this only makes him worse.

A.

Unlike copyright law violations, plagiarism is truly the theft of ideas.  It is singularly the most reprehensible wrong that can be committed within the realm of the intellect; and it is inherently fraudulent, an intellectual scam by definition.

Thus, anybody who defends, excuses, or morally minimizes plagiarism in principle is *ipso facto* untrustworthy.  Anybody who considers plagiarism not shameful is definitely untrustworthy.  And this applies a thousandfold to anybody who attempts to manipulate the emotional sympathies of the public to stop social shaming of plagiarists:  It is no less than an attempt to protect fraudulent criminals by depriving a community of a needed weapon, i.e. social shame, that the community uses to defend itself.

Perhaps worst of all in concept, this last is hereby seen done via a values inversion that shames the people who are shaming dishonest, fraudulent plagiarists.  Further down the thread, #92110 even has the audacity to issue a preachy, self-righteous tirade disparaging and ridiculing the “moral compass” and “critical decision making capabilities” of The Pharmacist:  The latter has no sympathy for poor, desperate plagiarists who are being deterred by public shaming from the forum and its financial opportunities.  Evidently, he expects for The Pharmacist to be ashamed.  (I do not hereby reach #92110’s other arguments, other to note that they are are completely wrong.)

B.

There are instances in which a disagreeable opinion is just that, and reveals little or nothing about the trustworthiness of the holder of that opinion for financial transactions.  I absolutely would not issue a negative trust rating in those instances.  This is not one of those instances.  The linked post is tantamount to a self-righteous declaration that “even though [scammers] need to be banned I can't say I have no idea why they do this”, and they shouldn’t be shamed for ripping people off, especially if they are “poor as fuck” or have “semi legit reasons” (!).

Indeed, substitute the word “scammer” for “plagiarist” in the context of the linked discussion, and you will immediately see why I have chosen to tag #92110 as untrustworthy for financial transactions.  I would not trust a plagiarism apologist with even a millisatoshi.

Coda

I see that #92110 is accused by others of abusing alts.  If/when I have time for the needed investigation, I should issue a negative trust rating to any alts that I independently verify actually belong to the same person(s).  It’s low on my priorities list, but I hope that I will get to it eventually.

Archival link:
https://web.archive.org/web/20200101215600/https://bitcointalk.org/index.php?topic=5084319.0;all
1628  Other / Serious discussion / Re: Random Thoughts on: January 01, 2020, 10:08:38 AM
I've crossed the border many times with copious amounts of storage, encrypted most of the time (albeit overtly), and never once was asked what's in it....  The border is not as scary as you're making it sound.

You have caught me in a rare case of speaking from abject ignorance, i.e. based on what I have read in almost* 2^40 articles in the mainstream media.  I also did deliberately exaggerate at certain points, as hinted by such phrases as “my caricature of the secret police”; but overall, I was discussing what I thought to be a significant problem.

If I misfired, I stand corrected.  With a decade’s worth of perennially circulating stories about travellers being coerced to open their devices, log into social media accounts, and so forth, is it really that easy to stroll across the border with terabytes of encrypted data pseudorandom bits?

I wouldn’t know:  I am reliably told that TSA security-(porno-)theatre gives travellers the choice between being photographed effectually nude, and being groped.  Although I have no objection to either in pleasant company, I find TSA personnel decidedly displeasing; and if I refuse KYC on privacy grounds, you may imagine my opinion of how intimately the TSA peremptorily demands to “Know [Their] ‘Customers’”.  Thus, I have not crossed the American border in many years.

(* For a value of “almost” consistent with a tiny bit of hyperbole.)

Or should I assume that the agencies can read it without my help anyway so it doesn't matter?

Do you let any electronic devices (including bare disks) out of your physical control and observation?

I doubt that remote data-grabbers are anything but movie magic.  However, devices outside your control or observation (e.g., in checked baggage) could be bugged to facilitate future remote penetration; and nonvolatile storage media of any kind can be trivially copied (well, that’s why we encrypt!).  To be clear, I am just thinking aloud in terms of capabilities.  I have no idea if either practice is done at the U.S. border, or if so, how common that would be.

Welcome back Cool

Thanks.  But on account of your questioning of my potentially erroneous information, I am so hurt and offended that I plan to complain to your ISP about your harassment and cyberbullying, then boycott the Bitcoin Forum forever.  Well, that’s the way of the internets nowadays.  I am completely sincere:  You know how it is, with sarcasm running out of money to pay for your sig; it stopped paying me, too.
1629  Other / Serious discussion / Any KYC is “Too strong KYC” on: January 01, 2020, 08:53:30 AM
stop people from doing money laundering.
KYC helps solving certain problems such as hiding income taxes, stealing money from other people,

Stop being paranoid mate
The reason why they establish KYC is because they want be protected against scammers. I hope you understamd it Smiley.

I don't blame them for KYCs
I've complied
With cases of stolen funds and hack attempts, they're dealing with large amounts of BTC.

<blink>YOU ARE THE PROBLEM.</blink>

<img src="mushroomcloud.jpg"/>

:weeping_satoshi:


Kyc is a way of proofing an identity or ownership of something against possible frauding

An Essential Introduction to Bitcoin for Ill-Informed Newbies:

In Bitcoin, ownership of funds is exclusively proved by control of the cryptographic private keys that can be used to satisfy the output script for a UTXO (i.e., a “coin”).  This is why it is called “cryptocurrency”.

The foregoing is no mere semantic quibble:  I have just stated the purpose of Bitcoin.  Absent that purpose, Bitcoin would be only the world’s slowest, most-expensive, least-private, most horrifically inefficient financial database; and it would be idiotic to use it for anything.

If you have the private keys, it is your Bitcoin.  If you do not have the private keys, it is not your Bitcoin.  Not only does KYC fail to augment these rules:  KYC is incapable of contradicting these rules.  Observe that if I have Bitcoin (i.e., if only I have the private keys), then no exchange, no government, and no court can freeze or seize it.  Indeed, centralized exchanges can only impose KYC because when you use their services, you do not own the Bitcoin:  They own the Bitcoin.  If you are a good little doggie and roll over on command, then they may be charitable and let you use it—or maybe not.  If they decide that your KYC just ain’t good enough, then you will rapidly discover that “your” Bitcoin is not yours at all; and I will laugh at you.

HTH, HAND.
1630  Other / Serious discussion / Re: Beware of the Fake Greetings messages on facebook on: January 01, 2020, 07:51:40 AM
Things to do


Quote
I hope i was able to help everyone that might been a victim of this
Take care guys happy new year
1631  Other / Serious discussion / Random Thoughts on: January 01, 2020, 12:53:09 AM
I have a habit that may upset some people:  I overwrite new disks with a pseudorandom bitstream.  Then, when I use a disk for data, I encrypt it in such a manner that there is no visible, unencrypted structure to the disk:  No header, no unencrypted metadata.  (How?  Magic—don’t ask!)

As a result, my house is filled with random-looking disks that may or may not contain decryptable data.  Some are hooked up to machines, and probably have data—if, that is, they are not hot spares.  The ones not hooked up to machines may be backup disks, or decommissioned disks, or new disks that I have never used.  All of these disks are indistinguishable from each other, to anybody who is not me.  To me, the disks are identified by serial number in a file that is stored encrypted.  (Don’t ask.  Security by obscurity is a part of defence-in-depth, except within the quite narrow purview of Kerckhoffs’ Principle.)

Occasionally, it has happened that a disk was lost or stolen.  I never worried too much about this.

The presence in my house of all these random-looking disks has oft tempted me with an interesting thought experiment:  What would happen, if I were to attempt passing the United States border with one of my disks?  A disk with encrypted data would be interesting.  A new, unused disk would be more interesting.

Don’t Be Stupid

I generally contemn the concept of “civil disobedience”.  That’s just a way for “TPTB” to induce potential troublemakers to paint targets on their own backs.  You don’t win by incurring to yourself avoidable trouble for nothing.  You win by making “TPTB” powerless over you:  By keeping your privacy, appearing mostly harmless, and secretly doing whatever you wanted to do anyway.  Open defiance gets you marked for life, when you are young and idealistic; and this limits your freedom of action in the future, when you otherwise may actually have become dangerous.  The system works out neatly for itself.  Make the system irrelevant.

That being said, for anyone who already has trouble at the U.S. border and doesn’t mind a bit more of it, my aforestated “thought experiment” suggests some amusing hijinks.

Say you buy a 12 TB hard disk for about 300 units of depreciating funny-money (“United States Dollars”), and pack it in your bag looking random.  Is it a new disk that you just freshened up with a pseudorandom bitstream?  Or is it packed with juicy data that you so happen to have encrypted?

Have fun explaining to the border police that you don’t remember.  But what if, seriously, you don’t remember?  I have lost data this way—long ago, before I devised better schemes for keeping my metadata straight.  I have stared at a disk, trying to remember whether or not I ever wrote any actual data to it.  Cypherpunks have a tough lot in life.

The scenario also presents some interesting philosophical questions.  Say you have a disk written with juicy unencrypted data:  Julian Assange’s secret diaries, Satoshi Nakamoto’s private keys, and your multi-terabyte pr0n collection (which is what the border police are most personally interested in seeing).  Now, you decide to destroy this disk with a cryptographic erasure:  You encrypt all the data in-place, then irretrievably destroy the key.  At the U.S. border, what is the legally proper answer to the question of the disk’s contents?

  • “Pseudorandom data.”  This is strictly true.  You are not lying to the American police, which would be a “crime”.  But this introduces in turn another question:  What if the program you used to irretrievably destroy the encryption key was buggy, and you later discover that you had inadvertently retained the key all along?  Data remanence is a big problem, you know.
  • “Encrypted data that I can’t decrypt.”  This is also true.  But you can be extraordinarily rendered and then beaten with a $5 wrench until They are satisfied that you are not lying—or until you’re dead.
  • “Schrödinger’s Cat’s data.”  Amusing—until my caricature of the secret police decides to amuse themselves by locking you in a box with a gun triggered by a Geiger counter, etc., such that they can write up your status as “unknown and unknowable”.

It would be fantastically stupid to test these answers empirically.  At best, you would probably lose a disk worth 300 units of depreciating funny-money.

Supreme Confusion

Modern (or postmodern) laws are a game, invented to amuse people who have sufficient firepower to enforce the rules of their game.  Arbiters of those rules are called lawyers.

This question is for the lawyers:

What are the legalities attendant passing of the United States border with a disk full of pseudorandom data?

The problem with allowing passage of large amounts of pseudorandom data is that nobody can prove it isn’t encrypted data.  Note that there can here be no question of the burden of proof:  The question cannot be proved at all.  —Or rather, it could only be proved that the disk’s owner is lying, if the disk’s owner is lying, by decrypting the data.  If the disk’s owner is telling the truth, it cannot be proved that he is telling the truth.

And you know, national security would be totally destroyed by the Four Horsemen of the Cryptocalypse if you just let people walk across the border with 12TB of encrypted pr0n in a package the size of a small paperback book.

However, the government would look silly for prohibiting or harassing travellers who carry what are, in substantial essence, empty disks.  Seriously.  This is a real problem.  Upon purchase, I immediately overwrite every new hard disk I buy with a pseudorandom bitstream, starting at sector 0 and ending at the final sector, inclusive.  I have been doing this for about two decades.  If I were to travel to the U.S. (LOL), I may want to take a new disk with me.

Someone terrifically stupid needs to be a guinea pig (“test case”) for this, such that the question may be properly decided by the United States Supreme Court.
1632  Other / Off-topic / PGP key for RGBKey, uid #182468 on: April 24, 2018, 09:53:08 PM
Quoted below as requested.  But the important part is to establish a fingerprint which people can check.  The fingerprint I observe is: 0xABE2DC997C2233012A86D8BE66F1B6C95688A943

Archival link changed to https: https://archive.li/ZabYw  ...and .onion, for Tor users: http://archivecaslytosk.onion/ZabYw

Edit:  Archive of this post (and the rest of the thread): https://web.archive.org/web/20180424215333/https://bitcointalk.org/index.php?topic=3323999.msg35510465#msg35510465

It is an ECC key, which I believe is currently the best (or at least better than standard) key type to use.

I agree with that assessment.  I see that you use Ed25519, which I also currently use for my identity key.

(Aside:  I am disappointed that the current draft in the process to revise RFC 4880 does not specify anything stronger, such as Ed448-Goldilocks.  I should probably do something about that.  It does prospectively specify Ed25519/Curve25519 as OpenPGP standard.)

If any established forum members would like to attempt to verify that I am who I say I am and sign my key, I would appreciate it.

This is always problematic for someone who exists as a nym.  How would you propose binding 0xABE2DC997C2233012A86D8BE66F1B6C95688A943 to “RGBKey” and the given e-mail address?  It’s not as if you would be flashing state-issued ID documents at me.  I think that some level of TOFU is necessary in these situations.  For my part, I have simply tried to spread my PGP fingerprint anywhere I can (forum post sigs, sigs in mailing list archives, etc., etc.).

As it stands, all I know is that somebody with sufficient Bitcointalk.org access to create a forum post as #182468 claims that key unidirectionally.  This could hypothetically include forum admins, blackhats, Cloudflare, the NSA...  There is no cryptographic binding of identity, and there can’t be, insofar as you may have no other cryptographic anchor to which to bind.  If you have a long-established, widely-published Bitcoin address, an X.509 certificate (LOL, CAs), or some other form of public-key crypto more or less strongly linked to “RGBKey”, that could be helpful.

If I've missed anything here, please let me know.

The (weak) binding of forum uid #182468 → PGP key is unidirectional; I see no statement signed by the key, claiming uid #182468 “RGBKey”.  This is typically resolved with a clearsigned statement acknowledging the identity.  But if the Bitcoin Forum is especially important to your identity, you may want to instead add a PGP userid to your key specifying your forum identity.  All userids must be certified by your (C) key to be valid.  I added that to my key last month; please have a look:

Quote
uid Bitcoin Forum uid 976210 (https://bitcointalk.org/)

In gpg, I specified “Bitcoin Forum uid 976210” as my “Name” and the URL as the “Comment”.  An OpenPGP userid is anyway only a single UTF-8 text string, as specified by RFC 4880 §5.11.  E-mail addresses are enclosed in angle brackets and comments are parenthesized by common convention, in the manner of RFC 2822; but if you do a hex dump of your public key, you’ll see that the User ID packet is just one string.

Also:  man gpg and look for --export-secret-subkeys; also, --expert --full-generate-key (which I presume you used anyway to get an ECC key).

This lets you generate a Certification (C)-only primary key plus signing (S) and encryption (E) subkeys on an airgap machine, then export only the subkeys to your networked machine (using a GnuPG extension which, to my knowledge, is only compatible with GnuPG).  This way, even if your networked machine is compromised, your identity is not; and you can issue new subkeys using your airgapped primary key.  Examine my keys to see what the result may look like.

Most people don’t seem to care about this; but I myself value the extra margin of safety for a pseudonymous person who exists only as a virtual identity.  My identity is anchored in a strictly offline key:  I am 0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C (or whatever other keys I may use that key to roll over to in the future, if and as better algorithms become available).

Edit 1:  I just noticed that you are currently using a 32-bit keyid in your personal text.  Please reconsider.  32-bit keyids are totally insecure; using fast ECC crypto (in that case secp256k1), I myself bruteforced keyid 0x69696969 in 1055.33375204 seconds on one core of an old laptop CPU.  See also https://evil32.com/.  I don’t trust 64-bit keyids, either.  The Bitcoin mining network currently does 264 work every few seconds.  For creating a “vanity” keyid, it is an amount of computation within reach of a powerful adversary (or anybody with access to a large distributed computing grid/botnet/whatever, plus lots of patience).  Whereas the full fingerprint is a SHA-1 hash (soon to be changed to SHA-256 with v5 keys), which is still secure against a full preimage attack.



Full quote of OP:

Hey folks,

I've been a longstanding advocate of encryption, but I've come to realize that I don't really have an established PGP key to use for communications here. I've just created a new one (I created one ~4 years ago and have since lost it) and I'm going to publish it here and record it. I would greatly appreciate it if a few (please don't go too overboard) people would quote this post to establish it. I will also use archive.is to record this post and post it in a follow-up reply.

Here is my key:
Code:
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEWtLazxYJKwYBBAHaRw8BAQdAgX5FwRIX6Vjq4cGZmrufz1/9PMBx40DcdTeD
Yw2P2Ry0GVJHQktleSA8cmdia2V5QGdtYWlsLmNvbT6IkAQTFggAOBYhBKvi3Jl8
IjMBKobYvmbxtslWiKlDBQJa0trPAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
AAoJEGbxtslWiKlDDF8BAOMjI3HkUOpMU1/qiFixKqB9DywR6WLtq/gO/1FuglFo
AQCK6+OKONT+dCxGRZShrolXpCd1hhGXWhkPU9yj5mvlCbg4BFrS2s8SCisGAQQB
l1UBBQEBB0A6iXCX3Rvd8SWXxDuqd8CFL1jtD7IeUaSlVEmx8OSAQgMBCAeIeAQY
FggAIBYhBKvi3Jl8IjMBKobYvmbxtslWiKlDBQJa0trPAhsMAAoJEGbxtslWiKlD
iGgBAILE2I8JZs2EVEtQiEVLi0/gZ7Mb5+/VIG7GAkmRsWV3AQD1pHktwUWF1i6G
Y4g5j275O69cp2muXydlsBr8fIXlBQ==
=CmTR
-----END PGP PUBLIC KEY BLOCK-----

It is an ECC key, which I believe is currently the best (or at least better than standard) key type to use.

I've also published it to MIT's keyserver.

If any established forum members would like to attempt to verify that I am who I say I am and sign my key, I would appreciate it.

If I've missed anything here, please let me know.
1633  Economy / Service Announcements / Lightning would work for Sporestack! on: April 24, 2018, 07:58:35 PM
Hello, Teran,

Thanks for the thoughtful reply.  It’s rare to see such discussion.  I apologize for the delayed response.

Although I don’t know how Sporestack works internally, Lightning is actually ideal for your business model.  Your concern isn’t too clear, but I infer you think there is some need of per-customer accounting state.  If so, no, this is not the case.  It is not necessary to have a payment channel open with each customer.  You simply present customers with single-use Lightning payment requests which can encode much useful information, including the amount and the request expiration time.  Payment requests are designed to be embedded in QR codes, though you need a bigger QR code area than you do for a Bitcoin address.  This can be used by any customer who can find a route to your node (rather like the Internet itself).  Payments are source-routed; and there has been extensive work on onion-routing (exactly in the Tor sense).

Lightning overall keeps less state than on-chain transactions, insofar as the only global and/or permanently immutable state is in channel open/close transactions on the blockchain; information on individual payments is local and, if desired, somewhat ephemeral.  Also, you never really know where a payment is coming from, which should suit you fine.

Otherwise stated, Lightning will indeed support this business model:

But the bread and butter of SporeStack is anyong being able to pick up a Bitcoin or Bitcoin Cash mobile wallet, scan a QR code, and get a server.

Moving money respectively onto or off of your Lightning channels to fund a channel or “cash out” onto the blockchain is conceptually not too different than moving money between hot and cold wallets.  If you already run a Core node, clightning will work with that, too.

I may have more to say on these matters.  I do like your business model.  Yet to start with, I simply wanted to clarify about Lightning Network.
1634  Other / Meta / Feature request: Humour system on: April 02, 2018, 06:33:22 AM
A lot of users now are laughing not because it is an april fools prank but the burdens were not true. I shocked also when I noticed that the new rank system are suddenly gone to the thread I am reading.
A while ago, I am thinking on what are the combination numbers to rank up. I thought also that there are algorithms used in order to calculate the new rank requirements till I came to the point that I will not rank up anymore. But then, I am very thankful that it is just a prank. A discouraging ranking system turns to a joke! Those who complained, you may now celebrate!
P.S. It might be prank as of now, but it may come true in the near future.
Many users were commenting yesterday and though claiming it to be a joke but I was seeing a fear behind their statements.  A new tough measure to pass for higher ranking.  Haa haa but many were showing them to be normal but in reality they were not.
I was happy with new system and took it seriously.  I was seeing it as opportunity to rank up.  But  Grin  such a big joke.

I hereby propose the addition of a new Humour score.  Unlike activity and merit points, humour points can be lost for humourlessness, literal-mindedness, broken sarcasm detectors, inability to grasp satire, or employment at a humourless alphabet-soup agency.

Humour will not affect rank.  However, those with zero or negative humour scores shall have their signatures displayed upside-down and backwards.  Also, such persons should carry a warning beneath their usernames:  “Jest with extreme caution.”

This is a serious idea.  @theymos, please implement it!

I was surprised (and laughing) at how many people took this seriously. I thought that this was way more obvious than last year, but I guess not.

A paid sarcasm shill once warned me about this sort of thing.



P.S., Dr. Cerimon shall must needs advise on how best to program the forum software to distinguish between good and ill humours.
1635  Other / Meta / s/nullius/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/ on: April 02, 2018, 05:55:21 AM
I was surprised (and laughing) at how many people took this seriously. I thought that this was way more obvious than last year, but I guess not.

A paid sarcasm shill once warned me about this sort of thing.

- Virtue was the edit distance between your name and "Lauda". Wink

Oh, snap!  Thus, I suppose that Lauda had 0 virtue, and was the only user who had 0 virtue?  Together with the witchcraft hint, that would have been a dead giveaway; but unfortunately, I was off the forum most of the day and didn’t see Lauda’s “new new” stats.  Anyway, I figured that I could await virtue.txt.xz.

May I please change my username to the letter x repeated the maximal number of characters in a forum username, whatever that may be?  This would have maximal virtue.  It seems bland; but all forum users who desire to be virtuous must forthwith pray to have their usernames changed to maximal-length strings which do not include any of the letters L, a, u, or d.  However arbitrary this rule may seem, avoiding the Inquisition is no laughing matter; and sacrifices must be made in the War on Pill-Shaped Drugs Negative Trust Terror Flying Catbats Witchcraft!

I had kind of wanted to actually have a running game-of-life board in JavaScript on everyone's profile, but I didn't have time.

(BTW, when are we getting Conway-GoL-Coin? It's Turing-complete! Wink)

Well, of course this could be done as a token built on any coin which already has Turing-complete VM.  This gives me an idea which, if implemented, would be even more spectacularly destructive innocently cute than Cryptokitties.



Pardon, theymos, sir; may I please take this opportunity to thank you for a joke I much appreciated?  Thanks.
1636  Other / Meta / 0day forum EXPLOIT: fMerit MLCG virtue underflow privilege escalation on: April 02, 2018, 03:29:35 AM
Topic:fMerit MLCG virtue underflow privilege escalation
Announced:2018-04-01
Credit:Tailored Access Operations
Fort Meade, Maryland, U.S.A.
Severity:Critical
CVE Name:CVE-2018-18A1

I. Background

A linear congruential generator is not considered to be a CSPRNG.

II. Problem Description l33t sploit c0de

The modified linear congruential generator used to calculate fMerit has a biased distribution.  Users with low virtue may exploit this bias to uprank to Administrator, thus gaining total control of the forum.

To deter abuse, the 0day POC exploit has been coded in Brainfuck:

Code:
-,+[-[>>++++[>+++++
+++<-]<+<-[>+>+>-[>
>>]<[[>+<-]>>+>]<<<
<<-]]>>>[-]+>--[-[<
->+++[-]]]<[+++++++
+++++<[>-[>+>>]>[+[
<+>-]>+>>]<<<<<-]>>
[<+>-]>[-[-<<[-]>>]
<<[<<->>-]>>]<<[<<+
>>-]]<[-]<.[-]<-,+]

III. Impact

Bitcoin Forum pwned!

IV. Workaround

Switching from Cloudflare to a RFC 3514 compliant packet filter will stop the pwnage, and also prevent DDoS attacks—and also block Cloudflare.

V. Solution

Upgrade the fMerit system to use a properly seeded CSPRNG.



So, how long to process this before I get my ethical hacker symbol badge?
1637  Bitcoin / Development & Technical Discussion / Re: segvan: Segwit vanity address & bulk address generator on: March 29, 2018, 04:29:51 PM
Notice:  As a pseudonymous developer who can only pay in BTC, I am currently seeking a legitimate means of Amazon EC2 access.  The most immediate (but not only) motivation therefor is for work on a segvan client/server trustless tweak generator.  Trustworthy persons with their own EC2 accounts are invited to work with me.  This is for long-term legitimate development:  I am NOT trying to buy an account; offers of such will be treated as spam.

(Translation:  Plan A embraced BCH, and lacked EC2’s flexibility anyway.)





I’ve also been seriously mulling ideas for an online service which finds “vanity tweaks” for a private key held by a user—essentially, convenient results from rented time on powerful CPUs in the “cloud” (much though I loathe that word).  I’m curious as to how popular such a service could be.  Anybody interested?

I'd be interested in a service like that. Please could you PM me if you ever get round to doing it? Thanks :)

Please see above.  I’m currently trying to do a 245 (9 characters of Bech32) search on a very slow laptop; I estimate that after both cores spin sipa’s keygrinder 24/7 for two months, I will then have about a 1% chance of having found a match.  Getting access to some fast cloud computing would give me both the impetus and the opportunity to develop a production-quality client/server implementation.





I just used segvan to find 3Jjjjj8466bZXCFJQGDk1reaAXwrri39Vz, 3AAaAAMy2auJ1c5wCRj7Qbzx8qshh9cVrx and 3FffFFLntXU14ePkYK3pyASx2Smaw5TfF1 :)

Unfortunately I had to build from master instead of the sipa_grind branch so I think I'm missing out on the huge performance improvements. Is the sipa_grind meant to be working right now?

I also noticed the 333333mR6i1xHnDQAy1xUwvbGXFqjGgzUU address in your signature and profile!

Apples to apples, rounding liberally, the same patterns with the same codepath give me about 7000 keys/sec generating keys one by one, and 35000 keys/sec with sipa’s keygrinder.  Thus, about a 5x speedup.  (For comparison, with OpenSSL on the same hardware, I maxed out at about 1400 keys/sec.  Core’s secp256k1 really blows OpenSSL away; it is something to be most thankful for when synching the blockchain.)





If you want this to become more popular like vanitygen original version, you need to make windows version of it.
Most users using Windows while generating their private keys. You need above average knowledge to compile it yourself and use linux.

Please see the discussion of Windows porting in a Segwit vanity address generator request thread which pushed me to make an initial release of segvan.

My current priorities are approximately:

0.0. Stable, feature-complete, well-tested implementation on FreeBSD and Linux.  This is much more popular than I’d expected when I whipped up v0.0.0 on an idle afternoon in December.  I want to do it right.

0.1. Packaging on FreeBSD ports and at least one or two popular Linux distributions such as Debian (depending on acceptance by those with commit bits).  This would cut down on the “above average knowledge to compile it” part.  As of this writing, there are 31593 FreeBSD ports available; and the Debian homepage currently claims >51000 packages.  I understand that lack of application compatibility is one of the major problems faced by Microsoft Windows users; and if I have a popular application, I will try to see how I can help with that.

1. Online services, possibly including a stripped-down trustless tweak generation client usable in some way with Microsoft Windows, among others.  This is a high priority to me, since I myself am poor in hardware; and the v1 network protocol I have in mind would make it almost trivial to support securely ordering up vanity addresses from your Windows PC, your iPhone, or whatever.

2. If that does not resolve demand, then maybe a Windows port, potentially with fewer features.  The modularization I am now doing should help with portability.  For example, one of the first roadblocks I hit with a mingw build was POSIX regex support.  The ultra-fast prefix checker I’m currently playing with is portable C code; a Windows build might include that and omit regex support, at least initially.





Code:
pc@pc:~/segvan$ ./segvan -r accs

Anchored regexes will usually be significantly faster (or less slow, depending on your perspective).  Thus, try ^bc1qaccs unless you truly desire every match appearing anywhere in the string.  Giving the HRP/separator prefix is necessary, since segvan currently matches against a whole address; and no warning will be given if you provide an impossible pattern.
1638  Economy / Service Announcements / PSA: Pushing Btrash will lose you customers. on: March 29, 2018, 04:11:26 PM
SporeStack now accepts Bitcoin Cash: https://sporestack.com/news#2017-12-12

SporeStack accepts (and prefers) Bitcoin Cash

2017-12-12

We highly recommend switching over to Bitcoin Cash as soon as possible for SporeStack use.

Well, this is unfortunate.  I’ve quietly had my eye on Sporestack for over a year, with an eye toward future projects.  As an all-Tor, all-the-time ghost in the.nym.zone with no means of payment other than Bitcoin, it seemed well suited to me.  But I’m prudent in saving my bits; and I did not have an urgent need for a VPS.  Thus, I simply checked in every few months to see the latest developments—and now, when I have a potential immediate need for service.

FYI, pushing the agenda of Bitcoin distorters and their kakocracy will exclude Bitcoin zealots as your potential customers.  Case in point:  Me.

I’d say good-bye at this point, but I am curious:  If fees were the problem, as stated on the Sporestack website, then why didn’t you add Lightning Network support?  LN mainnet became active soon after you started “highly [recommending]” fake-Bitcoin.  Come to think of it, I may soon need some means to anonymously set up a Lightning node in the cloud.

I’m also curious as to whether your recommendation still holds when with Segwit addresses, for almost two months now, I’ve been paying fees sometimes as low as 1 sat/B (!), never higher than 5 sat/B.
1639  Economy / Games and rounds / My congratulations to other Round 3 winners—and a plot twist for Round 4... on: March 26, 2018, 09:13:29 AM
Congratuations to bitmover, Blue Tyrant, and the runners-up!

nullius: Man. You had me worried at the beginning of the week. I know the CloudFlare issue is a huge one for you, as a proponent for security and privacy. So seeing posts repeatedly about the issue had me concerned that you would not be able to deliver. But you did. [...]

Joe, your critique described my past week on the forum similarly to how I myself would have put it.

In the hope of spreading some old-school antispam culture here, I will select The Rules of Spam, Bitcointalk.org Edition as the post to receive my prize merits.

It is true that frankly, Cloudflare’s Javascript checks have been driving me away from the forum.  For that reason, I was away for two whole days this past week; and I think that in the time since I started actively using my account, the only period during which I posted less than this week was when I took a three-week forum hiatus in January.  I also lost the draft of an extensive Dev & Tech post, due to a mishap with the ephemeral VM which contains a browser running scripts I distrust.  Going forward, I hope that some means can be found to fend off Internet arsonists without impact on legitimate users.





And now, with a bow and my thanks to Joe for running this contest, I must sadly decline to enter Round 4—well, sort of.

I may have inadvertently entered a fictional character who has limited purview, and thus far makes few posts.  Such is life in the æthereal0 mists of the.nym.zone:  She approached me, offered her PGP key (0x69696969), and pleaded with tremulous eyes that she must enter Joe’s contest for the greater glory of her bitcult.faith.  What could a flesh-and-blood mortal man say to that?  I must stand down, lest she be barred by the alt-account rule.

Can she be competitive against people who actually exist?  The contest grows more exciting yet!  I am curious to see what Joe’s critique will be.



0. Not “ETHereal”.  Bitgod forbid.
1640  Economy / Reputation / Public hate from Btrash shill #981616 “vsyc” on: March 25, 2018, 08:22:30 PM
An off-topic insult by Btrash shill #981616 “vsyc” has been archived and deleted from my trust feedback policy thread:

You such a joke, catch negative trust from me Smiley))

Retaliatory negative trust feedback from “vsyc” to nullius:

Date: 2018-03-25
Risked BTC amount: 0
Reference: (none)

Quote from: vsyc
Sometimes hope for betterment is wasted. This person does not respect other view and believes. No personality behind, some driven scam bot.

Stay away.


Negative trust feedback from nullius to “vsyc”:

Date: 2018-03-12
Risked BTC amount: 0
Reference: https://web.archive.org/web/20180312074550/https://bitcointalk.org/index.php?topic=2399315.0;all

Quote from: nullius
When I was at Newbie rank and had been actively posting for less than 48 hours, I got into an argument involving two Btrash shills:  #981616 “vsyc”, and #494856 “Mrpumperitis”.  Their rank dishonesty made me distrust them; and I wanted to express my distrust through the forum’s trust system.  Being new here, however, I did not yet really understand how the trust system worked; and I feared retaliatory negative feedback (such as I noticed “Mrpumperitis” leave for others), since I did not yet realize that such a thing from a Btrasher would be a badge of honour for me.

I resolved that someday, I would return and make public my distrust of these two odious characters.  That day has come sooner than I’d expected.

Disinfo-mongers who push a scamfork by every means of artifice and insult are *untrustworthy*.  AVOID.

This feedback is made consistently with my trust feedback policy:
https://bitcointalk.org/index.php?topic=3009256.0

N.b. that “vsyc” first came to my attention on a thread wherein after theymos said this:

If someone is fraudulently passing off Bcash as Bitcoin, the most appropriate response is probably to give that person negative trust.

...“vsyc” proceeded to declare:

When exchanges start switching to Bitcoin Cash and recognise it as next version of Bitcoin, than you will look like stupid clowns.

Bitcoin is a scam. Bitcoin Cash is the future and upgrade of Bitcoin (a.k.a. Dead Horse)

(...etc., ad nauseam...)





Historical note:  That thread saw my first direct involvement with immediate controversy on the Bitcoin Forum, although it wasn’t really an interesting fight due to the abject stupidity of Btrash pushers; e.g.:

ill say it here...BITCOIN CASH IS THE REAL BITCOIN

Yawn.

(But it is amusing that this should be brought up again today, shortly after I became involved in a discussion about how an open, honest form of ASICBOOST is coming to Bitcoin.)
Pages: « 1 ... 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 [82] 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!