From my perspective of having spent almost a quarter-century enamoured of the idea of cryptographic currency plus reputation systems that would enable pseudonymous economic activity, it is only natural that I think this is a terrible idea.  Actually, common sense and basic fairness say this is a terrible idea.

The people with good reputations would not work back up from zero:  They would have just seen that valuable reputations they had worked hard to achieve had been arbitrarily “reset”, for the purpose of appeasing those with bad reputations.  Well, no good deed goes unpunished.  What happened once, would surely happen again.  Therefore, if not patently irrational and/or masochistic, they would leave the forum.

Although there may be mistakes made here and there, it is undoubtable that most people with negative reputations have earned those reputations, too.  The forum would be left with those, plus newbies (i.e., fresh meat on a forum where everybody who’s not a newbie is a scammer).

Oh, joy!

(Dear readers, I apologize for having merely stated the obvious.  It is bad form.  Well, somebody had to.)

---

That was your choice.  Do you care to explain why others’ choices should be erased because you regret yours?

(And before anybody suggests that having much merit disqualifies me from speaking about merit...)

---

Well, I infer that was his purpose in neutering the effect of feedback, and essentially democratizing DT in a convoluted way.

My prediction as to the latter is that it will destroy the trust system.  In the long term, it will put DT under control of those who optimize for gaining control of DT by any means necessary, and devote unbounded time and effort to doing so.  That is a bad criterion.  As for cleaning up these sordid threads, it will backfire and will escalate, not quash the perpetual DT wars:  Demagogues, agitprop, and “negative campaign ads” thrive in such a system.

Not all of this will be obvious when the system is new, because old DT members started with an incumbent’s advantage; but given enough time, the rot will set in and take over.  And tinkering with the DT selection algorithm will not help much; such as system as DT is a social problem, not amenable to such technological solutions without a human element that actually works.

Something analogous happened in American history.  The revolutionary American founders were not titular nobility; but most were of the gentry, a high social class that was almost nobility.  Compare long-established forum members who were at some point selected for DT1 (however imperfect the selective process may have been in both cases).  For the first few decades of their new system, the most important elected positions were almost all filled from that class.  Then rose “political machines” with gangsters, party politics in the worst modern sense, special-interest groups, etc.  They sometimes used outright ballot-stuffing and fraud; similarly, we have circles of alts to Sibyl the system.  Otherwise, they are just expert manipulators of mass opinion (n.b., “confidence men” are so-called because they specialize in luring people to unwisely trust them).  Well, now just look at ’em!

So as for my prediction of unintended consequences.  Intelligent people may argue over this.  The future will show who’s right.

What is not intelligently arguable, or even sensible, is the notion that depriving good people of good reputations, and relieving bad people of bad reputations, would achieve anything but to destroy the community in an instant.  Cui bono?

Only two years ago, it seemed to me that most of the “we need KYC because of money laundering” propaganda was being parroted by the types who pad their activity counts with mindless drivel in megathreads.  Now, it seems to be all over the forum—and elsewhere in places where one may expect an understanding of privacy issues.

For the most ironic of countless petty examples that I have recently seen all over the Internet, observe how a a technical discussion on tor.stackexchange was cut short with extreme rudeness (archived):


I was shocked to see that from someone who evidently has deep technical knowledge about onions.  Turning the sarcasm up past (9/)11, I must remark, it seems the attitude is:  “Here, I thought you must be building some nice kidporn site or drug market.  Now that I know you are building a Bitcoin ‘mixer’, you are beneath contempt!”  Does an apparent expert in Tor onions not realize that all tools can be abused, but good people need them for good purposes?

I certainly do not want to reflect badly on Tor here, based on the rude and thoughtless comment by some arbitrary Stack Exchange user.  The Tor Project itself is proud that “Tor secures cryptocurrency networks!”  And the Tor Blog recently published as a guest opinion the single best short essay on financial privacy that I have recently read.  Print that one out, and hang it on your wall!  As I stated in OP here, I had long ago reached its same conclusion that Lightning Network is the future of financial privacy:

---

Thanks for making this post much shorter!  I can only add that if I were Chipmixer, I would not get such an audit.  I would not want to risk granting the auditor (perforce an outsider) high-level access to my systems for no useful purpose; and I would not want to give my customers a false sense of security by “proving” the impossible.  I respect Chipmixer more because they don’t seem to be the types to claim that they can prove such a thing.

---

Boldface added on some particularly important points that I fully agree with:



I should reiterate a theme of my OP:  I am walking a fine line in so far as I don’t want to FUD Chipmixer, but I need to examine this issue honestly.

It is a service that I want to like.  It is the only centralized, trusted mixer that I want to like.  Their signature ads specifically speak to privacy.  Their FAQ quotes Dr. Adam Back to answer the question, “Fungibility?  Why would I care?”  Oh yes, I want to like them!

They may well be real privacy advocates running an excellent, trustworthy service.  If so, they are also providing an ancillary benefit to society:  Their ads promote the idea of privacy at a time when society is moving in the opposite direction.  This is why I was outraged to see them and their advertisers smeared as “evil”.

I hope that’s what they are...


If Crypto AG could sell NSA-backdoored security products for governments and militaries for five decades, then I would not make such inferences.  Though of course that was the NSA, not a garden-variety police sting; and if Chipmixer is a honeypot, they certainly provide one of the best, most competently-run honeypots on the Internet today!

I further observe that Chipmixer’s overt attitude is not of the kind used to attract the criminal element; there is a sort of “darknet” cant seen on some sites, thinly-veiled hints that we will help you get away with it, which is completely absent from Chipmixer.  They “smell” clean.  They speak the language that speaks to you and me; and they pour what must be a fantastic advertising budget into the Bitcoin Forum, which is a good place to attract non-criminals.

This suggests that if they are a honeypot, they are probably an intel operation targeting smart people, not a police sting targeting the kinds of people for whom “opsec” means getting a post office box for receiving bulk quantities of felonious contraband from anonymous persons you met on the darknets.^*

Or else, they are hardcore privacy advocates who know that most people will use a centralized mixer, so they should provide a good one.  I said, I want to like them...

(* Not that all Internet drug dealers are so stupid, but many of them are!  The example hereby given is based on a real-life case that I read about a few years ago:  Somebody decided to get rich dealing drugs on DNM, and therefore bought drugs wholesale by the kilo from DNM.  Shipped to his post office box—where he picked them up personally—thus where the police picked him up in a controlled delivery.  This leads me to wonder, why do we need mass surveillance?  The cops have their hands full with dopes who are practically begging to be caught.)

---

To be clear, there are two separate trust issues:  Trusting the mixer to not steal your coins, and trusting the mixer to not violate your privacy while pretending to protect it.  I have been discussing only the latter.  The former is an important issue; but if it were the only issue, I would be comfortable saying that I trust Chipmixer based on their established reputation.

Note that there have been major scams with mixers, including selective scamming and exit scams.  That never deterred the use of mixers generally; and it did not:


That effort started long ago, with practical implementations you can use today—plus too much related research to sum up in a few handy links.  Bitcoin privacy is a big topic.  And in the future, as I said, I think that this whole discussion will be made obsolete.

What a mixer site most provides is convenience and accessibility.  You send them coins; you get back other coins; and you hope that they did not retain any data connecting these coins to those coins.  It is simple for the user, though a well-run mixing site will have much complexity behind the scenes.  Chipmixer does a good job of that:  The site is a pleasure to use, and easy enough for anybody.

johhnyUA:  Off-topic, but thanks for suggesting this:
https://web.archive.org/web/20200104000755/https://bitcointalk.org/index.php?topic=1159946.420

---

By way of general preface to my replies, I think that I should better explain what I am trying to do, in terms that are not so abstract.

Imagine that somebody made the following nonsensical argument in defence of a scammer who was caught red-handed:

Quote from: hypothetical

Scamming is a human right!  There is nothing wrong with lying to people and ripping them off.  Those who try to stop scammers are oppressing their right to redistribute wealth to themselves, a charitable end which justifies any means whatsoever.

Would you ever engage in a financial transaction with that person?  I doubt it.

You would not only distrust “hypothetical’s” judgment about trust in others:  You would distrust “hypothetical”, period.

That hypothetical is intentionally extreme.  I think that “cryptohunter” did a lesser, subtler, and less-obvious version of the same thing.  He admitted that plagiarists should be banned, but demanded that people stop being so terribly mean to them.  He said that some plagiarists have “semi legit reasons” (!), and he was clearly in sympathy with those who did this because they are (actually or allegedly) poor.  Without saying so outright, he made it seem that the plagiarists were somehow victims.

Because I evaluate people, not mere actions, my gut reaction was, “He is making excuses for dishonesty; what does that say about him?”  I mean that as a practical question, not only the theory of whether he is a good or bad person.

---

In real life, most liars and scammers are not psychopathic evil geniuses who honestly say to themselves, “I want to rip people off, and I think that’s cool:  I am a predator who eats human flesh, an economic Hannibal Lechter; I drink the sweat and blood of people who have worked hard for their money, and I love myself all the more for it!”  Some are; and those are usually too busy holding political office to post on the Bitcoin Forum, or else they work for banks or law firms.  The ones in Bitcoin would be hacking exchanges or pulling huge scams for hundreds of BTC or more, not swindling newbies for sats.  That’s not because they are so great, but rather, because they are comfortable with criminality:  They can plan it in advance, eyes open, with coldly rational calculation of risk and reward, and set long-term criminal goals that are not ridiculously pathetic.

Most of the others are only weak wretches who choose the path of least resistance, all along making excuses—first, excuses to themselves.  It starts small, from the ease of excusing something a little bit wrong, and then grows into a habit, with excuses growing commensurately.  Nobody starts out by declaring, “My highest aspiration in life is to become a career forum scammer!” or, “Plagiarizing texts to pad my post count is my awe-inspiring skill that will make me rich and powerful!”

Incidentally, this is why bingo-card ridicule is so effective.  It is much harder to hurt the feelings of a blackhat who pwns Equifax—or of people accustomed to being called “Mr. President” (though this post may theoretically do the latter, nf V bapr qvq sbe fbzr onax rkrphgvirf jub znqr zr ovt gebhoyr).

(Of course, the foregoing dichotomy is a simplified generalization that does not cover all possible roads to perdition.  There are other ways; for example, a review of the downfall of the forum’s most-untrusted active user would be interesting, but offtopic on this thread.)

---

Protip:  Everybody has it tough in life—some more, some less.  Everybody sometimes faces pressure and a choice between the hard way, and the easy way out.  The type of person who excuses dishonesty on the basis of neediness may find himself in an opportune situation to rip someone off, and maybe he himself feels some desperate need at the moment, and then—well, then, you do not want to be the one trading with that person.

As for him, he will never admit to himself that he’s just another scammer:  He had an excuse, or at least a “semi legit reason”.  It would be cruel if someone were to ridicule him with an excuse bingo game, for that would honestly declare to him who and what he really is.  How could he look at himself in the mirror then?  You mean bully, won’t you please think of his self-esteem?

As I said, I would not trust “cryptohunter” with even a millisatoshi.  That’s a judgment that he himself is untrustworthy...

Quote from: Steamtyme on January 02, 2020, 03:04:43 AM

The course of action that you should be taking is ~ them from your trust list as you don't trust their judgement.

...not only that I don’t trust his judgment about the trustworthiness of others.

---

Quote from: Lauda on January 02, 2020, 04:25:50 PM

I actually asked theymos to give input on this, but he may or may not.

Thanks.  But isn’t this the very reason why he created the flag system?  I didn’t flag #92110:  I saw the new flags, didn’t see any explicit criteria that met this situation, and left an old-fashioned negative feedback.

Unfortunately, since feedbacks have been neutered, this will do little to protect newbies who do not know how to investigate through the trust system.  But that is a different topic.

In OP, I referred to trust feedback as a sort of “common law”.  It uses have been decided and adapted by precedents set in reaction to different types of untrustworthy behaviour.  For an example that I myself experienced, two years ago, when the merit system was introduced, scammers and spammers immediately started feeding merit to their alts.  People started red-tagging them; and it became a regular practice, widely accepted on grounds that it was necessary to protect the the integrity of the merit system.  If theymos ever made a statement specifically about issuing negative trust feedback for merit abuse, I must have missed it.  (Granted, I may have done just that.)

As such, I wanted to see people’s reactions—not as any sort of vote, but more to assess baseline acceptability by the forum community.  Thus far, reactions are a mixed bag:  Some approval, some idiocy that I can safely disregard, and some disapproval...

Quote from: eddie13 on January 04, 2020, 01:03:07 AM

Is it supposed to be a big deal or something?

It seems nobody really cares too much other than to say it is a pretty shitty tag and a pathetic choice of a target..

...case in point.

I see no evidence that the sky is falling, or that I accidentally broke the trust system.

(It is an interesting question, but offtopic here, whether the trust system was broken by placing DT under long-term control of mob-rule, and thus demagogues, alt-armies, and people with infinite free time to figure out new ways to game the system.)

Steamtyme raised a concern that is not invalid per se, but it is not something I care much about:

Quote from: Steamtyme on January 02, 2020, 03:04:43 AM

Actions such as this are honestly only emboldening the individuals who feel on the outs, or that having opinions are why they are targeted. They then use these instances as a lightning rod to others, and they aren't wrong when they get handed these gifts that "prove" their opinions on the system to be right.

Aren’t such individuals bold anyway, without “emboldening”?  I see no shortage of prolific new topics by people playing the victim because they got their hands caught in the cookie jar.  Moreover, I myself do not customarily give a tinker’s damn about the bluster of such people.  They will make noise; and if you fear the noise they make, then they will make worse noise.

I don’t see any other criticisms warranting a response more specific than:  I will agree to disagree.

---

Note to self:  In the future, on self-moderated threads, add an explicit note that posts quoting a whole post will be deleted.  I don’t want to censor hostility toward me in a reputational discussion, so I will not delete this one.  But please, for the sake of readers, have some forum etiquette!

Quote from: The-One-Above-All on January 02, 2020, 04:51:50 PM

1. noobious does not have a miilisatoshi so it matters little to cryptohunter we are sure

You expect for that to make a Bitcoin privacy advocate reveal some juicy evidence of his money?  LOL.

Quote from: The-One-Above-All on January 02, 2020, 04:51:50 PM

Nice to put this fucktard in our sights though and see his true colors. Look forward to plenty of public destruction scumbag. Fancy words and " sounding smart" won't stop us pulling you apart in debate.

Look forward to your own thread.

Writing skills would help.  Graded F.  Try harder.

---

Quote from: The Pharmacist on January 03, 2020, 05:03:16 PM

And wow, nullius is back!  My attention span doesn't allow me to read everything he writes, but it's cool that he returned.

Thanks.

Quote from: The Pharmacist on January 03, 2020, 05:03:16 PM

I don't know if TECSHARE is right that he's an alt of someone, but who knows.

I will mathematically prove how this works.  Given:

• nullius = Lauda (Source: forum somebody said so)
• nullius = Satoshi (Source: forum somebody said so)
• Craight Wright = Satoshi (Source: Craight Wright)

n = l, n = s, cw = s
∴ l = cw

Lauda is Craig Wright!  Q.E.D.

[Edit: Archived.]

Proof that I can still sign with my key:


My below modification of subkeys/userids proves that I still control the certification-only primary key.  I have mentioned before somewhere, the primary key is exclusively kept on an airgap machine.  (man gpg, look for --export-secret-subkeys)

I dislike distributing my key this way, especially since I intend to soon do more key maintenance.  However, with the keyserver network permanently b0rked, this seems to be the best available means for me to distribute to the forum all of my userids (including those with no mail), revocations of userids for mailboxes that no longer exist, and so forth.  The most useful parts of the key are on keys.openpgp.org, as linked in my signature.

Here is my refreshed key with some userids revoked, and a new expiration for the encryption subkey:

Life experience shows true the age-old principle that people who add gratuitous moralizing to their names are usually covering for their own defects.  For example, if you see a user who calls himself “Honest Trader”, then you may presume that he is a scammer:  Methinks he doth protest too much.

For another example, the self-styled “No HATE” drips acid hate for privacy beneath a transparent veil of mealy-mouthed, nicey-nice “sorry” and “no offense” and other sickeningly saccharine platitudes:


Boldface and red colouring are in the original.  This is stated in response to negative trust-tagging of users wearing a Yobit advertisement that makes impossible financial promises, i.e., a scam.  Of course, “No HATE” does not pause to consider the possibility that the persons who wear Chipmixer ads tend to be honest, and are thus motivated by a desire to alert others to scams.

Now, observe “No HATE’s” premise:  If you want to unlink your financial transactions on an immutable global public ledger, then you must be doing “shady activity”, your privacy tools are “evil”, and people who promote those tools thereby “sell their souls” to the devil of so-called “money laundering”.

(The whole concept of so-called “money laundering” is perverse in principle, twisted in practice, and misunderstood by most people who bandy the phrase about; but that is another matter.)

Having seen one sick tree, step back and observe the forest.  Such attitudes and beliefs are increasingly common nowadays; and by no coincidence, they are becoming more common as governments worldwide work overtime to destroy financial privacy.  Chainsaw needed:  If nobody stands up against this trend, then the trend will continue until all financial privacy is destroyed.

---

For my part, I cannot tolerate the above-quoted smear of Chipmixer and its signature advertisers—much less the widespread promotion of the underlying hatred of privacy.  Thus in protest, despite the misgivings stated below, I will now spend an as-yet undetermined time carrying an unpaid, unsolicited advertisement for Chipmixer.

I have not spoken to anyone at the Chipmixer campaign before doing this; my actions hereby are completely unilateral—and indeed, I don’t even qualify for the Chipmixer campaign.  My ad is admittedly not as slick as the official one; I may try to improve its aesthetics a bit.

This is an act of solidarity.  In the past, I have spoken to well-known Chipmixer signature advertisers who told me, in essence, the following list of their reasons for wearing Chipmixer:

• It’s good money.  By such means, they can afford to spend endless hours making this forum a better place, as opposed to spending those hours on some other job.  (There is nothing wrong with the pay rate being a criterion, as long as it’s not the only criterion, and not decisive in itself.  Also, observe that this motivation is the inverse of the sig-spammer:  They want to get paid so that they can spend more time on the forum; they’re not coming to the forum so that they can get paid.)
• Advertising Chipmixer, a reputable privacy service, is more ethical than advertising the scams pitched by many other campaigns, which they found grossly unacceptable.  In particular, they recoiled in horror at the idea of pumping ICOs (which were all the rage when I had these private discussions).  I infer that they would have flatly refused to advertise Yobit “earn 10% daily, 100% safe” scams at any price.  This directly contradicts “No HATE’s” accusation that they “sell their souls”.
• A related weaker form of the preceding item:  The Chipmixer campaign is one of the most selective campaigns on the forum.  It is quite difficult to get in; you can’t just be some idiot who spams illiterate, nonsensical shitposts as a desperate money-grab.  Chipmixer sig spam posts are thus practically nonexistent, despite their high posting requirements:  They offer relatively large payments, but they only offer those payments to people who have a long-demonstrated record of prolific, high-quality forum activity.  They get what they pay for—and thus, on the other side of the coin, they offer the person accepting the ad a way to sell your signature without looking spammy.  For elite users with sterling reputations, this is a major concern.

I think that’s fine.  But for my part, I must consider these factors of my own:

• I generally dislike signature ads.  I may take one someday; but I would prefer to avoid it.  I do recognize that signature ads make it possible for many of the forum’s best regulars to spend fantastic amounts of time and effort here; and really, I could use the money, too.  Well, thus far, I just have not been able to get past my personal feelings on the matter.
• Although I have nothing against productive, profitable businesses—to the contrary!—it is childishly foolish to behave altruistically toward a business so wealthy and successful that it evidently has a stratospheric advertising budget.  If I am to advertise their services, thus increasing their wealth, then it is only fair that I should get paid.  Well—I will make my point, then change my signature to something else.
• By design, Chipmixer is a privacy service that you must trust with your privacy.  I strongly dislike that, and cannot endorse it.  On this point, the best that I can say for Chipmixer is that my dislike applies more or less equally to all mixer sites (excluding trustless services such as JoinMarket, which are not “mixers” in the usual sense); and I probably dislike them the least.  I do commend some of Chipmixer’s efforts to improve privacy on the forum; whether that indicates anything useful for trusting the privacy of Chipmixer’s mixing service is a difficult question, and one for which I have no immediate answer.
• Chipmixer does not implement Segwit.  As an external observer, I infer that it must be because they started when Segwit activation was still tied up in politics; and their innovative design requires them to keep what must be a terrifically large inventory of pre-made “chips” (i.e., UTXOs of various sizes) to distribute.  For privacy reasons, slowly rolling over the inventory of chips may be out of the question:  That would partition the unlinkability set between those who received non-Segwit chips, and those who received Segwit chips.  But rolling over the inventory instantaneously may be financially prohibitive; and that would not avoid a partition, although it would minimize the partition’s effects.  At least, this is my hypothesis based on blackbox observation of how the service works.  I have not spoken to anybody who may actually know.

If you want to use a trusted mixer, Chipmixer is probably the best option.  They are innovative.  By all accounts, they are very reliable.  I myself have sometimes used their services (with coins already anonymized by other means that do not require trust), and I generally avoid trusted mixer sites like plague.

---

Compare the situation with Tor versus VPN.  Tor is designed to minimize trust generally, and to eliminate the need to trust any node in particular.  If a circuit passes through a node that logs all data, the node still can’t see both endpoints.  With a VPN, you need to trust that the VPN provider is not logging all your Internet activity—as many of them do, all promises to the contrary notwithstanding.

If you want to just send coins to a mixer site, cross your fingers, and hope that it’s not a honeypot logging the links between inputs and outputs, then I suggest that you click the links in my signature and try Chipmixer.  Chipmixer is convenient, and it unlinks your transactions on the public blockchain.  Javascript is not required.

If you want trustless privacy, that is a complicated subject beyond the scope of this topic.  The best I can say here is that as Lightning grows, it will render all these questions obsolete for most use cases:  Blockchain spies can’t trace transactions that never touch the blockchain!

No; check post history.


Moreover, shame has been turned on its head:  If you shame bad people, you will be shamed.  I observed that “cryptohunter” did this to The Pharmacist.  You yourself should prepare to be shamed for what I just quoted, not despite, but because of it being a simple, lucid observation about the world in which we live.

The trick only works, because the people who should have the moral high ground are ipso facto those who are capable of feeling ashamed.  The ones shaming them are shameless, and highly manipulative.  You did not actually say anything wrong; but if you are sneered at and jeered at with unlimited hostility in a way that plays on your emotions, guilts you for being unsympathetic, slaps you with meaningless labels, impugns your motivations in a hundred ways, etc., then it could get to you.  Conveniently, the shameless will not feel ashamed of doing this to you.

Compare what “cryptohunter” did in the linked thread:  He portrayed a bingo game that ridiculed plagiarists’ flimsy excuses as if it were some sort of cruel injustice against poor, desperate people who are just so... so... needy.  Objectively, it is just the brand of dangerous stupidity that may persuade people who don’t think it through.  Subjectively, in my case, this peculiarly outraged me because I have experience with being poor.  As in, “imperiled for my short-term physical survival due to a decidedly painful lack of food and shelter” level poor.  Poor enough to be able to attest the maddening effects of chronic hunger (and resulting long-term detriment to the body).  I did not scam people, or spew plagiarized posts on the Bitcoin Forum.  “cryptohunter” implies that if I had, others should have been somehow sympathetic; and that offends me by degrading my dignity.  Surely, in today’s society, in the Year 2020, I am entitled to me-centred outrage based on being personally offended!


True enough.  But, (a) “cryptohunter” did not merely blame crime on poverty.  He went beyond that in ways that showed a high tolerance for dishonesty, even a sympathy for it, per what I stated above.  (b) One must start somewhere; otherwise, nothing will ever change.

---

I expounded on this.  Was it TL;DR for you?

---

Stop trying to prove that Lauda is Craig Wright.  It is defamatory.

I did not intend for the following to be a post.  It started as a simple observation on the trustworthiness of a user, then grew into an opinion that I think should set precedent in what is effectually the Bitcoin Forum’s common law on use the trust system.

In that light, I must emphasize the narrowness this opinion.  I think it would be a massively destructive abuse of the trust system to use it to, say, punish people for their political opinions.  The trust system is in effect an economic weapon; and the use of economic weapons to enforce groupthink is odious.  E.g., nowadays, there are places where you can be fired from your job for using the correct pronouns, or making simple, factual observations about reality—let alone expressing the “wrong” opinions.

In the general case, if I see on this forum an opinion that I think is wrong, even horribly wrong, my reaction is either to say why it’s wrong, or to ignore it as garbage.  I may sometimes personally avoid transacting with people I disagree with, in the manner of a quiet boycott; but there are even many people on this forum whose opinions I find disagreeable, with whom I would have no qualms about transacting financially.

By contrast, what I hereby consider is an opinion that directly, unavoidably, substantively demonstrates the untrustworthiness of he who expresses it.  Is it untrustworthy behaviour to demand that scammy, dishonest people should not be shamed?  I say, yes!

It would be interesting to see some intelligent analysis and critique.  I admit it’s arguable whether this is a good idea, for I am walking a thin, dangerous line.  However, I sincerely, unarguably, and unalterably distrust this user, for the reasons stated below; and what is the purpose of the trust system, if it is not for expressing a well-founded distrust so as to warn others?

[The following is what I intended to use as a trust comment.  It invoked an error:  “Comment too long.  Create a topic and link to it instead.  A draft was saved.”  In my actual trust rating, it will be replaced with a link to this topic.]

Quote from: nullius

In the linked post and subsequent posts on the same thread, #92110 “cryptohunter” rationalized and morally minimized plagiarism.  He did this with no apparent direct self-interest; judging only by the thread on its face, he appears to have done this to protect plagiarists from shame *as a matter of principle*.  #92110 admits that plagiarists “need to be banned”, but vehemently objects to shaming them with ridicule.  For the purpose of judging trustworthiness, all this only makes him worse.

A.

Unlike copyright law violations, plagiarism is truly the theft of ideas.  It is singularly the most reprehensible wrong that can be committed within the realm of the intellect; and it is inherently fraudulent, an intellectual scam by definition.

Thus, anybody who defends, excuses, or morally minimizes plagiarism in principle is *ipso facto* untrustworthy.  Anybody who considers plagiarism not shameful is definitely untrustworthy.  And this applies a thousandfold to anybody who attempts to manipulate the emotional sympathies of the public to stop social shaming of plagiarists:  It is no less than an attempt to protect fraudulent criminals by depriving a community of a needed weapon, i.e. social shame, that the community uses to defend itself.

Perhaps worst of all in concept, this last is hereby seen done via a values inversion that shames the people who are shaming dishonest, fraudulent plagiarists.  Further down the thread, #92110 even has the audacity to issue a preachy, self-righteous tirade disparaging and ridiculing the “moral compass” and “critical decision making capabilities” of The Pharmacist:  The latter has no sympathy for poor, desperate plagiarists who are being deterred by public shaming from the forum and its financial opportunities.  Evidently, he expects for The Pharmacist to be ashamed.  (I do not hereby reach #92110’s other arguments, other to note that they are are completely wrong.)

B.

There are instances in which a disagreeable opinion is just that, and reveals little or nothing about the trustworthiness of the holder of that opinion for financial transactions.  I absolutely would not issue a negative trust rating in those instances.  This is not one of those instances.  The linked post is tantamount to a self-righteous declaration that “even though [scammers] need to be banned I can't say I have no idea why they do this”, and they shouldn’t be shamed for ripping people off, especially if they are “poor as fuck” or have “semi legit reasons” (!).

Indeed, substitute the word “scammer” for “plagiarist” in the context of the linked discussion, and you will immediately see why I have chosen to tag #92110 as untrustworthy for financial transactions.  I would not trust a plagiarism apologist with even a millisatoshi.

Coda

I see that #92110 is accused by others of abusing alts.  If/when I have time for the needed investigation, I should issue a negative trust rating to any alts that I independently verify actually belong to the same person(s).  It’s low on my priorities list, but I hope that I will get to it eventually.

Archival link:
https://web.archive.org/web/20200101215600/https://bitcointalk.org/index.php?topic=5084319.0;all

You have caught me in a rare case of speaking from abject ignorance, i.e. based on what I have read in almost^* 2^40 articles in the mainstream media.  I also did deliberately exaggerate at certain points, as hinted by such phrases as “my caricature of the secret police”; but overall, I was discussing what I thought to be a significant problem.

If I misfired, I stand corrected.  With a decade’s worth of perennially circulating stories about travellers being coerced to open their devices, log into social media accounts, and so forth, is it really that easy to stroll across the border with terabytes of encrypted data pseudorandom bits?

I wouldn’t know:  I am reliably told that TSA security-(porno-)theatre gives travellers the choice between being photographed effectually nude, and being groped.  Although I have no objection to either in pleasant company, I find TSA personnel decidedly displeasing; and if I refuse KYC on privacy grounds, you may imagine my opinion of how intimately the TSA peremptorily demands to “Know [Their] ‘Customers’”.  Thus, I have not crossed the American border in many years.

(* For a value of “almost” consistent with a tiny bit of hyperbole.)


Do you let any electronic devices (including bare disks) out of your physical control and observation?

I doubt that remote data-grabbers are anything but movie magic.  However, devices outside your control or observation (e.g., in checked baggage) could be bugged to facilitate future remote penetration; and nonvolatile storage media of any kind can be trivially copied (well, that’s why we encrypt!).  To be clear, I am just thinking aloud in terms of capabilities.  I have no idea if either practice is done at the U.S. border, or if so, how common that would be.


Thanks.  But on account of your questioning of my potentially erroneous information, I am so hurt and offended that I plan to complain to your ISP about your harassment and cyberbullying, then boycott the Bitcoin Forum forever.  Well, that’s the way of the internets nowadays.  I am completely sincere:  You know how it is, with sarcasm running out of money to pay for your sig; it stopped paying me, too.

<blink>YOU ARE THE PROBLEM.</blink>

<img src="mushroomcloud.jpg"/>

:weeping_satoshi:

---

An Essential Introduction to Bitcoin for Ill-Informed Newbies:

In Bitcoin, ownership of funds is exclusively proved by control of the cryptographic private keys that can be used to satisfy the output script for a UTXO (i.e., a “coin”).  This is why it is called “cryptocurrency”.

The foregoing is no mere semantic quibble:  I have just stated the purpose of Bitcoin.  Absent that purpose, Bitcoin would be only the world’s slowest, most-expensive, least-private, most horrifically inefficient financial database; and it would be idiotic to use it for anything.

If you have the private keys, it is your Bitcoin.  If you do not have the private keys, it is not your Bitcoin.  Not only does KYC fail to augment these rules:  KYC is incapable of contradicting these rules.  Observe that if I have Bitcoin (i.e., if only I have the private keys), then no exchange, no government, and no court can freeze or seize it.  Indeed, centralized exchanges can only impose KYC because when you use their services, you do not own the Bitcoin:  They own the Bitcoin.  If you are a good little doggie and roll over on command, then they may be charitable and let you use it—or maybe not.  If they decide that your KYC just ain’t good enough, then you will rapidly discover that “your” Bitcoin is not yours at all; and I will laugh at you.

HTH, HAND.

I have a habit that may upset some people:  I overwrite new disks with a pseudorandom bitstream.  Then, when I use a disk for data, I encrypt it in such a manner that there is no visible, unencrypted structure to the disk:  No header, no unencrypted metadata.  (How?  Magic—don’t ask!)

As a result, my house is filled with random-looking disks that may or may not contain decryptable data.  Some are hooked up to machines, and probably have data—if, that is, they are not hot spares.  The ones not hooked up to machines may be backup disks, or decommissioned disks, or new disks that I have never used.  All of these disks are indistinguishable from each other, to anybody who is not me.  To me, the disks are identified by serial number in a file that is stored encrypted.  (Don’t ask.  Security by obscurity is a part of defence-in-depth, except within the quite narrow purview of Kerckhoffs’ Principle.)

Occasionally, it has happened that a disk was lost or stolen.  I never worried too much about this.

The presence in my house of all these random-looking disks has oft tempted me with an interesting thought experiment:  What would happen, if I were to attempt passing the United States border with one of my disks?  A disk with encrypted data would be interesting.  A new, unused disk would be more interesting.

Don’t Be Stupid

I generally contemn the concept of “civil disobedience”.  That’s just a way for “TPTB” to induce potential troublemakers to paint targets on their own backs.  You don’t win by incurring to yourself avoidable trouble for nothing.  You win by making “TPTB” powerless over you:  By keeping your privacy, appearing mostly harmless, and secretly doing whatever you wanted to do anyway.  Open defiance gets you marked for life, when you are young and idealistic; and this limits your freedom of action in the future, when you otherwise may actually have become dangerous.  The system works out neatly for itself.  Make the system irrelevant.

That being said, for anyone who already has trouble at the U.S. border and doesn’t mind a bit more of it, my aforestated “thought experiment” suggests some amusing hijinks.

Say you buy a 12 TB hard disk for about 300 units of depreciating funny-money (“United States Dollars”), and pack it in your bag looking random.  Is it a new disk that you just freshened up with a pseudorandom bitstream?  Or is it packed with juicy data that you so happen to have encrypted?

Have fun explaining to the border police that you don’t remember.  But what if, seriously, you don’t remember?  I have lost data this way—long ago, before I devised better schemes for keeping my metadata straight.  I have stared at a disk, trying to remember whether or not I ever wrote any actual data to it.  Cypherpunks have a tough lot in life.

The scenario also presents some interesting philosophical questions.  Say you have a disk written with juicy unencrypted data:  Julian Assange’s secret diaries, Satoshi Nakamoto’s private keys, and your multi-terabyte pr0n collection (which is what the border police are most personally interested in seeing).  Now, you decide to destroy this disk with a cryptographic erasure:  You encrypt all the data in-place, then irretrievably destroy the key.  At the U.S. border, what is the legally proper answer to the question of the disk’s contents?

• “Pseudorandom data.”  This is strictly true.  You are not lying to the American police, which would be a “crime”.  But this introduces in turn another question:  What if the program you used to irretrievably destroy the encryption key was buggy, and you later discover that you had inadvertently retained the key all along?  Data remanence is a big problem, you know.
• “Encrypted data that I can’t decrypt.”  This is also true.  But you can be extraordinarily rendered and then beaten with a $5 wrench until They are satisfied that you are not lying—or until you’re dead.
• “Schrödinger’s Cat’s data.”  Amusing—until my caricature of the secret police decides to amuse themselves by locking you in a box with a gun triggered by a Geiger counter, etc., such that they can write up your status as “unknown and unknowable”.

It would be fantastically stupid to test these answers empirically.  At best, you would probably lose a disk worth 300 units of depreciating funny-money.

Supreme Confusion

Modern (or postmodern) laws are a game, invented to amuse people who have sufficient firepower to enforce the rules of their game.  Arbiters of those rules are called lawyers.

This question is for the lawyers:

What are the legalities attendant passing of the United States border with a disk full of pseudorandom data?

The problem with allowing passage of large amounts of pseudorandom data is that nobody can prove it isn’t encrypted data.  Note that there can here be no question of the burden of proof:  The question cannot be proved at all.  —Or rather, it could only be proved that the disk’s owner is lying, if the disk’s owner is lying, by decrypting the data.  If the disk’s owner is telling the truth, it cannot be proved that he is telling the truth.

And you know, national security would be totally destroyed by the Four Horsemen of the Cryptocalypse if you just let people walk across the border with 12TB of encrypted pr0n in a package the size of a small paperback book.

However, the government would look silly for prohibiting or harassing travellers who carry what are, in substantial essence, empty disks.  Seriously.  This is a real problem.  Upon purchase, I immediately overwrite every new hard disk I buy with a pseudorandom bitstream, starting at sector 0 and ending at the final sector, inclusive.  I have been doing this for about two decades.  If I were to travel to the U.S. (LOL), I may want to take a new disk with me.

Someone terrifically stupid needs to be a guinea pig (“test case”) for this, such that the question may be properly decided by the United States Supreme Court.

Quoted below as requested.  But the important part is to establish a fingerprint which people can check.  The fingerprint I observe is: 0xABE2DC997C2233012A86D8BE66F1B6C95688A943

Archival link changed to https: https://archive.li/ZabYw  ...and .onion, for Tor users: http://archivecaslytosk.onion/ZabYw

Edit:  Archive of this post (and the rest of the thread): https://web.archive.org/web/20180424215333/https://bitcointalk.org/index.php?topic=3323999.msg35510465#msg35510465


I agree with that assessment.  I see that you use Ed25519, which I also currently use for my identity key.

(Aside:  I am disappointed that the current draft in the process to revise RFC 4880 does not specify anything stronger, such as Ed448-Goldilocks.  I should probably do something about that.  It does prospectively specify Ed25519/Curve25519 as OpenPGP standard.)


This is always problematic for someone who exists as a nym.  How would you propose binding 0xABE2DC997C2233012A86D8BE66F1B6C95688A943 to “RGBKey” and the given e-mail address?  It’s not as if you would be flashing state-issued ID documents at me.  I think that some level of TOFU is necessary in these situations.  For my part, I have simply tried to spread my PGP fingerprint anywhere I can (forum post sigs, sigs in mailing list archives, etc., etc.).

As it stands, all I know is that somebody with sufficient Bitcointalk.org access to create a forum post as #182468 claims that key unidirectionally.  This could hypothetically include forum admins, blackhats, Cloudflare, the NSA...  There is no cryptographic binding of identity, and there can’t be, insofar as you may have no other cryptographic anchor to which to bind.  If you have a long-established, widely-published Bitcoin address, an X.509 certificate (LOL, CAs), or some other form of public-key crypto more or less strongly linked to “RGBKey”, that could be helpful.


The (weak) binding of forum uid #182468 → PGP key is unidirectional; I see no statement signed by the key, claiming uid #182468 “RGBKey”.  This is typically resolved with a clearsigned statement acknowledging the identity.  But if the Bitcoin Forum is especially important to your identity, you may want to instead add a PGP userid to your key specifying your forum identity.  All userids must be certified by your (C) key to be valid.  I added that to my key last month; please have a look:


In gpg, I specified “Bitcoin Forum uid 976210” as my “Name” and the URL as the “Comment”.  An OpenPGP userid is anyway only a single UTF-8 text string, as specified by RFC 4880 §5.11.  E-mail addresses are enclosed in angle brackets and comments are parenthesized by common convention, in the manner of RFC 2822; but if you do a hex dump of your public key, you’ll see that the User ID packet is just one string.

Also:  man gpg and look for --export-secret-subkeys; also, --expert --full-generate-key (which I presume you used anyway to get an ECC key).

This lets you generate a Certification (C)-only primary key plus signing (S) and encryption (E) subkeys on an airgap machine, then export only the subkeys to your networked machine (using a GnuPG extension which, to my knowledge, is only compatible with GnuPG).  This way, even if your networked machine is compromised, your identity is not; and you can issue new subkeys using your airgapped primary key.  Examine my keys to see what the result may look like.

Most people don’t seem to care about this; but I myself value the extra margin of safety for a pseudonymous person who exists only as a virtual identity.  My identity is anchored in a strictly offline key:  I am 0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C (or whatever other keys I may use that key to roll over to in the future, if and as better algorithms become available).

Edit 1:  I just noticed that you are currently using a 32-bit keyid in your personal text.  Please reconsider.  32-bit keyids are totally insecure; using fast ECC crypto (in that case secp256k1), I myself bruteforced keyid 0x69696969 in 1055.33375204 seconds on one core of an old laptop CPU.  See also https://evil32.com/.  I don’t trust 64-bit keyids, either.  The Bitcoin mining network currently does 2⁶⁴ work every few seconds.  For creating a “vanity” keyid, it is an amount of computation within reach of a powerful adversary (or anybody with access to a large distributed computing grid/botnet/whatever, plus lots of patience).  Whereas the full fingerprint is a SHA-1 hash (soon to be changed to SHA-256 with v5 keys), which is still secure against a full preimage attack.

---

Full quote of OP:

Quote from: RGBKey on April 15, 2018, 05:39:28 AM

Hey folks,

I've been a longstanding advocate of encryption, but I've come to realize that I don't really have an established PGP key to use for communications here. I've just created a new one (I created one ~4 years ago and have since lost it) and I'm going to publish it here and record it. I would greatly appreciate it if a few (please don't go too overboard) people would quote this post to establish it. I will also use archive.is to record this post and post it in a follow-up reply.

Here is my key:

Code:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEWtLazxYJKwYBBAHaRw8BAQdAgX5FwRIX6Vjq4cGZmrufz1/9PMBx40DcdTeD
Yw2P2Ry0GVJHQktleSA8cmdia2V5QGdtYWlsLmNvbT6IkAQTFggAOBYhBKvi3Jl8
IjMBKobYvmbxtslWiKlDBQJa0trPAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
AAoJEGbxtslWiKlDDF8BAOMjI3HkUOpMU1/qiFixKqB9DywR6WLtq/gO/1FuglFo
AQCK6+OKONT+dCxGRZShrolXpCd1hhGXWhkPU9yj5mvlCbg4BFrS2s8SCisGAQQB
l1UBBQEBB0A6iXCX3Rvd8SWXxDuqd8CFL1jtD7IeUaSlVEmx8OSAQgMBCAeIeAQY
FggAIBYhBKvi3Jl8IjMBKobYvmbxtslWiKlDBQJa0trPAhsMAAoJEGbxtslWiKlD
iGgBAILE2I8JZs2EVEtQiEVLi0/gZ7Mb5+/VIG7GAkmRsWV3AQD1pHktwUWF1i6G
Y4g5j275O69cp2muXydlsBr8fIXlBQ==
=CmTR
-----END PGP PUBLIC KEY BLOCK-----

It is an ECC key, which I believe is currently the best (or at least better than standard) key type to use.

I've also published it to MIT's keyserver.

If any established forum members would like to attempt to verify that I am who I say I am and sign my key, I would appreciate it.

If I've missed anything here, please let me know.

Hello, Teran,

Thanks for the thoughtful reply.  It’s rare to see such discussion.  I apologize for the delayed response.

Although I don’t know how Sporestack works internally, Lightning is actually ideal for your business model.  Your concern isn’t too clear, but I infer you think there is some need of per-customer accounting state.  If so, no, this is not the case.  It is not necessary to have a payment channel open with each customer.  You simply present customers with single-use Lightning payment requests which can encode much useful information, including the amount and the request expiration time.  Payment requests are designed to be embedded in QR codes, though you need a bigger QR code area than you do for a Bitcoin address.  This can be used by any customer who can find a route to your node (rather like the Internet itself).  Payments are source-routed; and there has been extensive work on onion-routing (exactly in the Tor sense).

Lightning overall keeps less state than on-chain transactions, insofar as the only global and/or permanently immutable state is in channel open/close transactions on the blockchain; information on individual payments is local and, if desired, somewhat ephemeral.  Also, you never really know where a payment is coming from, which should suit you fine.

Otherwise stated, Lightning will indeed support this business model:


Moving money respectively onto or off of your Lightning channels to fund a channel or “cash out” onto the blockchain is conceptually not too different than moving money between hot and cold wallets.  If you already run a Core node, clightning will work with that, too.

I may have more to say on these matters.  I do like your business model.  Yet to start with, I simply wanted to clarify about Lightning Network.

I hereby propose the addition of a new Humour score.  Unlike activity and merit points, humour points can be lost for humourlessness, literal-mindedness, broken sarcasm detectors, inability to grasp satire, or employment at a humourless alphabet-soup agency.

Humour will not affect rank.  However, those with zero or negative humour scores shall have their signatures displayed upside-down and backwards.  Also, such persons should carry a warning beneath their usernames:  “Jest with extreme caution.”

This is a serious idea.  @theymos, please implement it!

---

P.S., Dr. Cerimon shall must needs advise on how best to program the forum software to distinguish between good and ill humours.

A paid sarcasm shill once warned me about this sort of thing.


Oh, snap!  Thus, I suppose that Lauda had 0 virtue, and was the only user who had 0 virtue?  Together with the witchcraft hint, that would have been a dead giveaway; but unfortunately, I was off the forum most of the day and didn’t see Lauda’s “new new” stats.  Anyway, I figured that I could await virtue.txt.xz.

May I please change my username to the letter x repeated the maximal number of characters in a forum username, whatever that may be?  This would have maximal virtue.  It seems bland; but all forum users who desire to be virtuous must forthwith pray to have their usernames changed to maximal-length strings which do not include any of the letters L, a, u, or d.  However arbitrary this rule may seem, avoiding the Inquisition is no laughing matter; and sacrifices must be made in the War on Pill-Shaped Drugs Negative Trust Terror Flying Catbats Witchcraft!


Well, of course this could be done as a token built on any coin which already has Turing-complete VM.  This gives me an idea which, if implemented, would be even more spectacularly destructive innocently cute than Cryptokitties.

---

Pardon, theymos, sir; may I please take this opportunity to thank you for a joke I much appreciated?  Thanks.

Topic:	fMerit MLCG virtue underflow privilege escalation
Announced:	2018-04-01
Credit:	Tailored Access Operations Fort Meade, Maryland, U.S.A.
Severity:	Critical
CVE Name:	CVE-2018-18A1

I. Background

A linear congruential generator is not considered to be a CSPRNG.

II. Problem Description l33t sploit c0de

The modified linear congruential generator used to calculate fMerit has a biased distribution.  Users with low virtue may exploit this bias to uprank to Administrator, thus gaining total control of the forum.

To deter abuse, the 0day POC exploit has been coded in Brainfuck:


III. Impact

Bitcoin Forum pwned!

IV. Workaround

Switching from Cloudflare to a RFC 3514 compliant packet filter will stop the pwnage, and also prevent DDoS attacks—and also block Cloudflare.

V. Solution

Upgrade the fMerit system to use a properly seeded CSPRNG.

---

So, how long to process this before I get my badge?

Well, this is unfortunate.  I’ve quietly had my eye on Sporestack for over a year, with an eye toward future projects.  As an all-Tor, all-the-time ghost in the.nym.zone with no means of payment other than Bitcoin, it seemed well suited to me.  But I’m prudent in saving my bits; and I did not have an urgent need for a VPS.  Thus, I simply checked in every few months to see the latest developments—and now, when I have a potential immediate need for service.

FYI, pushing the agenda of Bitcoin distorters and their kakocracy will exclude Bitcoin zealots as your potential customers.  Case in point:  Me.

I’d say good-bye at this point, but I am curious:  If fees were the problem, as stated on the Sporestack website, then why didn’t you add Lightning Network support?  LN mainnet became active soon after you started “highly [recommending]” fake-Bitcoin.  Come to think of it, I may soon need some means to anonymously set up a Lightning node in the cloud.

I’m also curious as to whether your recommendation still holds when with Segwit addresses, for almost two months now, I’ve been paying fees sometimes as low as 1 sat/B (!), never higher than 5 sat/B.

An off-topic insult by Btrash shill #981616 “vsyc” has been archived and deleted from my trust feedback policy thread:


Retaliatory negative trust feedback from “vsyc” to nullius:

Date: 2018-03-25
Risked BTC amount: 0
Reference: (none)



Negative trust feedback from nullius to “vsyc”:

Date: 2018-03-12
Risked BTC amount: 0
Reference: https://web.archive.org/web/20180312074550/https://bitcointalk.org/index.php?topic=2399315.0;all


N.b. that “vsyc” first came to my attention on a thread wherein after theymos said this:


...“vsyc” proceeded to declare:



(...etc., ad nauseam...)

---

Historical note:  That thread saw my first direct involvement with immediate controversy on the Bitcoin Forum, although it wasn’t really an interesting fight due to the abject stupidity of Btrash pushers; e.g.:

Quote from: Mrpumperitis on November 14, 2017, 09:44:31 PM

ill say it here...BITCOIN CASH IS THE REAL BITCOIN

Yawn.

(But it is amusing that this should be brought up again today, shortly after I became involved in a discussion about how an open, honest form of ASICBOOST is coming to Bitcoin.)