Bitcoin Forum
September 22, 2018, 02:11:11 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
  Home Help Search Donate Login Register  
  Show Posts
Pages: [1] 2 »
1  Other / Meta / The Rules of Spam, Bitcointalk.org Edition on: March 22, 2018, 09:00:03 PM
The Rules set forth below are here adapted for Bitcointalk.org use from the news.admin.net-abuse.email Rules of Spam, via the WWW version created by Mart van de Wege.  (Hat tip to Bruce Pennypacker for making this findable via WWW search.)  My additions for the Bitcoin Forum are marked out with orange attributions.  I may edit this post to add internal links, add new rules, etc.

These Rules distill the essential wisdom born of long experience by people who had been fighting spam since Usenet and e-mail spam were invented.  I now pass them on to a new generation, in a new medium, who suffer spam premised on widespread confusion over a radically new kind of money.





Rule #0: Spam is theft.

  • Angel’s Commentary: Spammers believe it’s okay to steal a little bit from each person on the Internet at once.
  • Nullian Commentary: When a spammer smells free money from ICOs, airdrops, scamcoins, and other P&D “projects” which inevitably rip people off in a zero-sum game, he believes that it would be genuinely unfair for him to not take a cut.


Rule #1: Spammers lie.

  • Russel’s Admonition: Always assume that there is a measurable chance that the entity you are dealing with is a spammer.
  • Lexical Contradiction: Spammers will redefine any term in order to disguise their abuse of Internet resources.
    • Sharp’s Corollary: Spammers attempt to re-define “spamming” as that which they do not do.
    • Finnell’s Corollary: Spammers define “remove” as “validate.”
    • Nullian Corollary: Spammers redefine “crypto” as “free money grab”, “opportunity for the poor” as “destoying the socioeconomic utility of mass communications”, and “dev team” as “spammers with an ETH token or unmaintained Bitcoin clone, a webpage, and the all-important ANN thread”.


Rule #2: If a spammer seems to be telling the truth, see Rule #1.

  • Crissman’s Corollary: A spammer, when caught, blames his victims.
  • Moore’s Corollary: Spammers’ lies are seldom questioned by mainstream media.


Rule #3: Spammers are stupid.

  • Krueger’s Corollary: Spammer lies are really stupid.
    • Pickett’s Commentary: Spammer lies are boring.
  • Russell’s Corollary: Never underestimate the stupidity of spammers.
  • Spinosa’s Corollary: Spammers assume everybody is more stupid than themselves.
  • Spammer’s Standard of Discourse: Threats and intimidation trump facts and logic.


Rule #4: The natural course of a spamming business is to go bankrupt.

  • Nullian Commentary: “Pump” is always followed by “dump”.


Rules-Keeper Shaffer’s Refrain: Spammers routinely prove the Rules of Spam are valid.


Nullian Law of the Conservation of Spammishness: Spammers never change.

Across space and time, throughout different media, spammers always exhibit the same characteristics in conformance to these Rules:  They steal, they lie, they’re stupid, their money-grubbing schemes are economically unsustainable—and they always provide exemplary demonstration of the validity of the Rules.

Whether the spam be Usenet spam, e-mail spam, forum spam, weblog comment spam, “SEO” search engine spam, spam with eggs, spam on rye, spam with bacon, spam soup, Internet spam, PTSN phone spam, snailmail spam, SMS spam, red spam, green spam, blue spam, “crypto” spam which is an abuse of that word, or other spam of any kind whatsoever, spammers are always the same.


Nullian Law of Social Opportunity Cost of Spam:  In addition to its direct damage to the usefulness of communications, spam has the hidden cost of absorbing the productive time of spamfighters.

This is a logical corollary to Rule #0, but of sufficient import to be its own top-level rule.

My instant motivation for pulling up the venerable nanae Rules of Spam was the moment when I realized I’d spent most of my past day’s forum time quietly fighting spam behind the scenes.  This led me to reflect somberly (and not for the first time) on people who do far more to fight spam than I do.  What positive contributions would they make, what productive work would they do, what creativity would they work, if their time and energy were not spent keeping the forum usable for everybody?

Since the dawn of time, such has been the unending dilemma of all those who wage war on the ugly:  Create beauty amidst a cesspool, or fight for an environment wherein beautiful things may exist?

“I want more and more to perceive the necessary characters in things as the beautiful:  —I shall thus be one of those who beautify things.  Amor fati: let that henceforth be my love!  I do not want to wage war with the ugly.  I do not want to accuse, I do not want even to accuse the accusers.  Lookingaside, let that be my sole negation!  And all in all, to sum up: I wish to be at any time hereafter only a yea-sayer!”Friedrich Nietzsche
2  Other / Meta / Suggestion: Raise merit requirements at the lower and highest ranks (@theymos) on: March 12, 2018, 11:53:04 PM
This post was mostly drafted on 27 February 2018.  It was delayed by some unlucky drama; I now post it on the negative one-year anniversary of when I can first be activity-eligible for Hero rank.

Starting with 17 merits awarded to some of my old Jr. Member posts by people who remember them, I reached the Hero threshold of 500 merits within 27 days, 8 hours, 16 minutes, 22 seconds of active posting.  All in all, from the moment that theymos announced the merit system, it took me 32 days, 9 hours, 14 minutes, 51 seconds to go from zero to Hero—at least insofar as merit is concerned.  Yet when I received my 500th merit, I still had a 98 activity level; the earliest I can reach Hero Member status will be Activity Period 1283, which will start during 12 March 2019.

This is not to brag about myself.  There is already a thread which somebody else started to do that for me; and anyway, the number below my name speaks for me, in and of myself.  Rather, I am offering an object demonstration in support of my suggestion that merit requirements for the highest ranks are far too easy.

Moreover, from discussions I’ve observed and also from patterns of abuse, I think some small adjustments are needed at the lowest ranks.  I do think that the middle ranks’ thresholds are fairly set for ordinary decent posters.

Here is my concrete suggestion for merit thresholds, with proposed changes set in bold.  Discussion of my reasoning follows.

___Rank___Threshold
Newbie0
Jr. Member10
Member30
Full Member100
Sr. Member250
Hero Member1000–1500
Legendary3000–5000



I do think that the merit requirements for ranks through Member through Sr. Member are currently optimal.  To rise in rank at the level permitted by activity currently requires earning merit at an average rate of just over +1/day.  I think that’s a reasonable expectation for an ordinary intelligent person who spends a moderate amount of time engaging in generally pleasant forum discussions.

But “Hero” and “Legendary” are such strong words; and the substance of successful ranking systems always holds the highest ranks to standards which not only increase, but accelerate.

Proud, unapologetic elitist though I am, I do not for one moment imagine that I be a superman.  If I can merit zero to Hero in four weeks, then surely any person who wishes to bear a rank and title of honour should be able to earn much more than a measly one merit per day.

Wherefore, I urge that @theymos consider the following adjustments:

  • The merit threshold for “Hero Member” should be raised to at least 1000, perhaps 1500.  I don’t really think that earning a bit over +2–3 merit per activity-day (or waiting a very long time) should qualify somebody as a “Hero”; but anything less is an insulting abuse of the term.
  • The merit threshold for “Legendary” should be raised to at least 3000, perhaps even 5000.  Likewise:  Can somebody who fails to average less than around +3–5 merit per activity-day be called a “Legend” with a straight face?  I fear my standards are too low here.

Don’t simply be proud of these titles:  Make them signify an achievement to be proud of!



Of course, I waved my hands past one obvious flaw in premises:  I infer that the system is designed so that good posters “rank up” at about the same rate as before; and I agree with that goal.  But the mechanism does not enforce it.  A system with a “merit velocity” measure would surely be an easy programming task; however, it would be unpredictable and confusing for humans.  On the latter account, I would argue against any such system.  Moreover, I suggest that this “flaw” is unproblematic.

If an ordinary reasonable poster steadily makes decent posts for years, plural, then they will enter the top ranks simply on the basis of seniority, patience, and predictable dependability.  It seems obvious to me that such a person is here for all the “right reasons”, and barely even interested in matters of rank (or its potentially lucrative increase of privileges).  Certainly, I doubt that any spammer or account farmer could keep it up that long without being nuked by mods.



Final note:  Now is a good time to raise merit thresholds for Hero and Legendary.  I myself am the only person below Hero rank who has thus far passed the Hero threshold; and I hereby waive any complaints I might have if that threshold were suddenly doubled or trebled at this time.  Starting now, I’d have another year to reach the new threshold...

Anybody else who legitimately even comes close to having earned 500 merits is already Hero or Legendary.  Thus at this time, a change in merit rules for the highest ranks would neither have any impact on anybody (except me) who had already passed the higher thresholds, nor create any disparity between accounts which “ranked up” before and after the change of rules.

Changing the rules for Jr. Member and Member would cause some small unfairness.  However, the thresholds in question are trivial; and the unfairness and disparities thus caused would be commensurately insignificant.  It may be understood if somebody who had earned >500 merit were to be upset by a changing of the Hero threshold, especially if anybody else had already ranked up to Hero under the initial merit rules.  But anybody negatively affected by changes in the 10–30 merit range should see the disparity evened out within a very short time, if a good poster.  I’d expect that any complaints over such changes would only come from those who have been whining about the merit system in total, viz., wannabe spammers.

All in all, the time to make changes is when the merit system is still yet young.
3  Alternate cryptocurrencies / Bounties (Altcoins) / 😈😈😈 PGP 256% AIRDROP BOUNTY SIGNATURE SPAM CAMPAIGN! Old-school CRYPTO 😈😈😈 on: March 11, 2018, 11:59:29 PM

Announcing the.nym.zone’s


Airdrop Bounty Shill Payola Terms:

In exchange for your participation in this campaign, you will receive 2256%* airdrop bounty spam payola consisting of pretty good privacy for yourself and those with whom you communicate.

(* All airdrop percentages herein stated apply the same quality of maths as seen in a typical scamcoin.)

Privacy is one of the most valuable things you can have in this world.  It is priceless!  And the more you participate in this campaign, the more privacy you will get airdropped to you by virtue of natural consequences.  This is without a doubt the #1 most honestly highest-paying spam campaign ever seen on this forum!

By participating, you will also show off that you are elite and cypherpunk chic.  Laugh at the n00bs who think that “crypto” means a knock-off shitcoin scam.  You will be using old-school crypto, 90s cypherpunk style.

Remember that the more you spam for the pro-PGP, pro-privacy message of this campaign, the more elite you will be!

Incentives for posting:  The more high-quality posts you make (as judged by the merit they earn) while participating in this campaign, the more awesome you will be.  This will make you rightfully proud.  Bonus giveaway:  Replying in this thread with a post which is both witty and PGP-signed will give you a chance to show off!  (Non-PGP-signed replies may be nuked by me, at my discretion.)


Loading image...


To be eligible for airdrop, users must follow these rules:

0x0. Use PGP.

0x1. Use PGP!

0x2. Add at least one (1) PGP fingerprint to your signature.  A longid/shortid does not suffice:  You must devote space in your signature to at least one full fingerprint, at normal or greater font size.

To qualify, the pertinent key MUST be available through sks-keyservers.net.  Of course, it MUST be a fingerprint for your own key, as verified through below requirements.  It MUST contain uid(s) with valid e-mail address(es) which people can use to contact you privately, using PGP from any other mailserver in the world (Protonmail is unacceptable).  If you are able to place links in your signature, then your PGP fingerprint MUST hyperlink to EITHER your key on sks-keyservers.net, OR on a website belonging to you or to some group or company of which you are a part (not on Keybase).  See my own signature for an example.

Note for those who already display full PGP fingerprints in their signatures:  I suggest that you follow the above-described format.  But if you don’t want to change your signature, I will consider it “grandfathered” if you post a link to an archive on web.archive.org or archive.is, showing a post of yours with your signature before the original timestamp of this post.  Of course, you will still need to follow the other rules, including a PGP-signed joinder message in this thread per Rule 0x4 below.

Privacy note for n00bs:  As true whenever you distribute a PGP key, your e-mail address(es) will be available through your key’s uid(s).  This is how the Internet is supposed to work:  You give out an e-mail address, so that people can contact you.  People connect.  Magic happens!  —  I do realize that not everybody on a Web forum wishes to expose an e-mail address.  Thus, I suggest two solutions:  Consider using a mail provider with excellent spam blocking.  Support my feature request for a forum remailer, in lieu of PM.

0x3. Add the words, “Use PGP!” (or another pro-PGP message of your creative choice) to your signature.  If you are able to place links in your signature, then the text must hyperlink to this thread.

0x4. Make a post in this thread to join the campaign.  Requirements are further stated below.

0x5. Spam the forum with high-quality posts which earn merit.  Users who fail to spam the forum with meritorious high-quality posts may be kicked out of this campaign, at my exclusive discretion.

0x6. Spam your friends by PM, e-mail, knocking on their doors, etc., to preach to them the good word that they should Use PGP!

0x7. Spam the hell out of Twitter, Facebook, Telegram, Reddit, and every other “social media” site and communications channel, with messages promoting PGP use!  Note:  I don’t use any of these sites, so I can’t check up on this requirement.

0x8. If you show patent evidence of having failed to read the rules, then you will be banned from the campaign for a duration at my discretion (likely permanent).  If you include a Bitcoin address in your PGP-signed joinder statement, then you will be permabanned from the campaign.  If you have negative trust, then you may be banned from the campaign at my discretion.  I may ban anybody for any reason or no reason, at my discretion.

0x9. These rules may be changed by me at any time.

0xa. Use PGP for your personal correspondence, your business correspondence—all your online corespondence, all the time!  If any of your correspondents do not use PGP, then you should send them a PGP-signed message explaining to them they should use PGP.

0xb. (Optional)  Staple copies of the Cyphernomicon, The Crypto Anarchist Manifesto, A Cypherpunk’s Manifesto, and other suitable propaganda to local lamp-posts, trees, goldfish, etc.

0xc. (Optional)  If you are female and attractive, use PGP-encrypted e-mail to express your intense desire for me.  Otherwise, just send me a PGP-encrypted “hello”.

0xd. (* Required)  Use Bitcoin.  Bitcoin is cypherpunk money.  Satoshi Nakamoto fulfilled a decades-old yearning when he invented Bitcoin!

0xe. (RECOMMENDED)  Take the next steps to securing all your communications, such as by using OTR for instant messaging.

0xf. Use PGP!



Requirements for joinder post:

To officially join this spam campaign, you must post in this thread a PGP clearsigned statement with the following information:

  • Lusername and forum uid
  • Your PGP fingerprint
  • URL where your PGP key can be easily downloaded by lusers who don’t know how to use keyservers, meeting the requirements stated above.  KEYBASE LINKS DO NOT MEET THIS REQUIREMENT.
  • Optional:  If your primary key(s) are certification-only and kept exclusively on an airgap machine, you MAY say so for extra elite-points.  Although there is no way for me to verify that you actually use an airgap machine, if you make such a statement, I will verify that you have a (C)-only primary key.  n00bs, if using GnuPG:  man gpg and look for --expert --full-generate-key and --export-secret-subkeys.  As for advice if you can’t figure it out (but first, RTFM and try).
  • Optional:  Iff you plan to spam Twitter, etc. with messages promoting PGP use, please provide a link to your account so that others can follow you.

The statement MUST be PGP clearsigned.  Those who post unsigned join requests will be banned from the campaign.  You may enclose the statement in [code] tags if desired, or not if not desired.  The important part is that I must be able to verify it.

The statement MUST NOT contain any Bitcoin addresses, or other payment info.  Those who post join requests containing payment addresses will be permabanned from this campaign.  This rule is set so I can easily drop-kick bounty chasers who post in this thread without reading the rules.  Other than this, you may include other info and/or witty remarks as you desire.

Keybase links are not accepted, because I want to push people to get their keys out onto keyservers.

A live example of a statement meeting the above requirements:

Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Lusername: nullius (#976210)

PGP fingerprint (ECC): 0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C
https://sks-keyservers.net/pks/lookup?op=get&search=0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C
Certification-only primary key on airgap machine: true

PGP fingerprint (RSA): 0xA232750664CC39D61CE5D61536EBB4AB699A10EE
https://sks-keyservers.net/pks/lookup?op=get&search=0xA232750664CC39D61CE5D61536EBB4AB699A10EE
Certification-only primary key on airgap machine: true

“‘If you’re not doing anything wrong, you have nothing to hide.’
No!  Because I do nothing wrong, I have nothing to show.” — nullius

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSNOMR84IlYpr/EF5vEJ5MVn575SQUCWqXCiwAKCRDEJ5MVn575
SWOqAQCbAtG6sQ9UDkrViVuEjAXMHbOEbuk/D7c/sq77s8woTwEAocoR1d0hr8EE
UOnIWtWmB6dfZs86E0SfGdJKSolQSAE=
=dNtc
-----END PGP SIGNATURE-----

With that, I myself join this campaign!



Code:
#ifndef FOURTH_WALL

Meta:

Why am I doing this?

I am sufficiently passionate about PGP use that I would put on a live public sex show to promote it.  For a serious discussion, see “On the virtue of Ciphersex”.  Moreover, I struggle with an internal conflict over signature advertising campaigns.

I like signature ads (or at least tolerate them) when they make it worthwhile, or even make it possible for smart people to devote huge chunks of their lives to an Internet forum.  I highly respect some people who carry paid sig ads.  And I myself may come to face a pragmatic necessity for a paid signature ad.

But I really dislike the concept.  The old-school net curmudgeon in me feels that the purpose of a signature is for PGP fingerprints, witty quotes, and links to one’s own personal/business websites.  It’s a matter of culture; and culture is pervasive.  When I recently saw this opinion about how the forum thrived before paid signature advertising was invented—yes, I get it:

Would you also be happy if all the signature campaigns are removed from the forum ? That will make all the merits and ranks useless than right.

Radical solution lol, most users would be done using this forum.

Nonsense.   Five years ago there were no signature campaigns, and bitcoin was worth a few dollars.  This forum thrived back then.

Part of my motive behind this campaign is to create at least a modicum of positive social counter-pressure against monetary incentives.  Taking myself as an example:  The amount of money I could already get for a sig ad is very significant to me.  It’s painful not to take it.  One reason why I thus far don’t, is that I look at my PGP key fingerprints—and I get sad.  Negativity against sig ads is only one part:  I feel a positive urge to keep what I already have there.  Money needs to compete with something which has non-monetary value to me.  I want to induce others to feel the same way.

Code:
#endif /* !FOURTH_WALL */



End-User License Agreement:

By copying, quoting, or even reading this post, you irrevocably signify your agreement to be forever bound by the following terms and conditions:

Code:
/**
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <nullius@nym.zone> wrote this file.  As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return.   "Michael Cassio"
 * ----------------------------------------------------------------------------
 */

(Shamelessly pilfered from the original Beer-Ware License by Poul-Henning Kamp.)



Credits:

4  Other / Meta / Feature request: Forum remailer on: March 11, 2018, 11:00:05 PM
I hereby suggest a forum remailer to integrate with and complement the PM system.

Why?

  • Privacy.  It is infeasible to use PGP for each and every PM.  Good mail clients integrate neatly with PGP/GPG, making secure communications convenient and nearly transparent; but many forum users will decline to give out an e-mail address, even if I suggest a good e-mail provider for this purpose.  A forum remailer would facilitate PGP use, provided that it must pass PGP/MIME without mangling it.
  • Usability.  The PM interface is—suboptimal, to put the matter politely.  (Frankly, I hate it.)  With e-mail, people have a choice of clients and can choose their own user interfaces.
  • Resources.  A remailer would only need to store spooled messages for long enough to pass them on to their destinations.  The PM system must store messages for as long as a user desires not to delete them.

It is difficult for me to make a specific suggestion as to how this should work, when I do not know anything about the forum’s internals.  Conceptually, I think a remailer could dovetail with the PM system.  For receiving, users could choose to opt-in to the remailer—whereafter they would no longer receive PMs, and all remailed messages plus PMs would be (only) forwarded to their registered e-mail addresses.  For sending, users could unilaterally send mail to uid@users.bitcointalk.org; the recipient would receive the message as a PM, or via the remailer if opted in for it.

Note:  The message format for “remailed” PMs would need to be much different from the format currently used for “new personal message” e-mail notifications.  It would need to preserve formatting, respect MIME parts for messages sent to the uid@ address, and provide From/Reply-To information which would automatically cause replies to pass through the remailer.  Making this non-ugly is actually the biggest practical problem I can think of.

I have previously suggested this here in Meta, off-the-cuff:

Re drafts - e.g. if I open a VM for Bitcointalk I will probably use it for a few days so good enough for me although TBH I'm not into long essays. Sometimes when I need to save it for longer I send it in a PM to myself.

PMs here are a disaster, in my opinion.

Feature suggestion for a “crypto” forum:  An opt-in remailer, which would let me send mail to suchmoon@users.bitcointalk.org—or maybe 234771@, since usernames here can contain charcters which are problematic.  (Problematic, despite being allowed by the original RFC 822.)  Spam could be curtailed by requiring SMTP envelope FROM the registered e-mail address, and obeying SPF records, etc.

That way, I could use the very convenient PGP functionality of my mail client.  Plus its drafts box.

I should start a new Meta topic.  Watch for it.
5  Economy / Service Discussion / Review: mailbox.org e-mail; pseudonymous friendly, antispam, €1/mo. (pay in BTC) on: March 11, 2018, 10:37:03 PM
This review is neither solicited, nor compensated.  I have no affiliation with mailbox.org, other than as a happy customer.



It is no secret that I use mailbox.org:  Their mailer hostnames are in the MX and related records for nym.zone, plus in the headers of all mail received from me (including by publicly archived mailing lists).

Although mailbox.org is popular on some other “crypto” forums, the only discussion I could find here is a German thread from 2015.  Thus, I wish to tell Bitcoin Forum users of my experience with this service.  Rather than writing a wall of prose, I will reduce the major points to three separate bulleted lists:  Positive, Neutral, and Negative.

Note:  mailbox.org offers a plethora of features, most of which are unused and untested by me.  I can only review their core service:  E-mail, sent from/downloaded to my own localhost.

TL;DR:  Overall, highly recommended for pseudonymous users who want reliable service and strong anti-spam for €1/month, payable in Bitcoin.



Positives:

  • Friendly to anonymous/pseudonymous customers.  They explicitly state that “anonymous registration at mailbox.org is absolutely possible”.  The only information they ask at signup is a name—which they explicitly hint that they cannot verify—plus a country for VAT reporting purposes (also unverifiable), and a language for the Web app user interface.
  • Excellent anti-spam protection.  The company which provides this service, Heinlein Support GmbH, does antispam as their bread and butter.  I have been freely spreading my address nullius@nym.zone around the Web and on mailing lists, with no attempt to obfuscate it.  I receive very little spam; and whatever spam I have recently received seems to be targeted to Bitcoin Forum users (ICO spam).
  • Anti-spam system properly rejects with SMTP 5xx.  No junk folder to silently eat false-positive messages!  (I think they may (?) have recently added a “junk folder” option; but if so, it is optional and opt-in.  Avoid.)
  • .onion site, kqiafglit242fygz.onion, for access to POP, IMAP, and XMPP services—albeit not for the Web interface, which is necessary to control account settings and payment.  They also run their own Tor exit, which can be pinned; I myself don’t do this.  Their Tor information page discusses both their exit and their .onion.
  • Reliable service.  In my time as a customer thus far, I have never seen the service go down, or show any other signs of unreliability.
  • Located in Berlin, Germany, without connection to the Land of the Free NSL.  Servers physically located in Berlin.  Subject to German data protection laws.  Clear Data Privacy Statement.
  • Well-established company.  mailbox.org was started in 2013; but the people running it have been providing some form of network services since 1989 (!).  The providing company has existed since 1992.  In an era fraught with flaky startups, I feel more comfortable knowing that my e-mail will not likely disappear due to dumb hipster “founder” kids either flaking out, or getting “acqui-hired” by Google.
  • TLS certificates verifiable through DANE.  (Untested by me, since DANE does not work through Tor; I’d need to make as special effort.)
  • Network-level communiations privacy between servers can help lessen the exposure of metadata (not protected by PGP) to network observers.  To this end, mailbox.org attempts to use TLS for all incoming and outgoing SMTP sessions with other MXes.  They also provide an option through which you may refuse all mail not sent over TLS; however, this can cause you to be unable to communicate with people who use incompetently managed mailservers.

    All mailbox users also have a special alias which can only receive mail via SMTP over TLS; mine is <nullius@secure.mailbox.org>.  If you want to test whether your mailserver can do outgoing TLS properly, try sending me a “hello” at that address, and see if it gets rejected!
  • Use your own domain.  No extra charge.  If you set up a domain with a catch-all alias, you can download mail, filter on envelope-recording headers, and inject it into your own local mail system.
  • Reasonable prices.  For those who download and delete mail, unless you need lots of aliases for domains, it should never be necessary to buy more than the €1/month service level with a 2 GB mail quota.  Webmail users who need more space (or those who use the “Office” features I have not tested) have many other service options, all of which seem cost-effective for the resources provided.
  • Paid service.  Yes, that’s a positive.  So-called “free” e-mail never is:  If you’re not the (paying) customer, then you are the product.  I am a mailbox.org customer.
  • Payable in Bitcoin (but see negative below: Bitpay).
  • 30-day free trial.

Neutral characteristics:

  • Webmail “Guard” PGP features.  I myself do not use this, and have not tested it.  I think that overall, against real-world threats, it looks about as trustworthy as Protonmail; yet it has the significant advantage that unlike Protonmail, you can use it to communicate with all PGP users in the world, not only local users of the same service.  I think that this is a good “medium security” solution for people who need userfriendly webmail.  I would recommend that paid Protonmail users switch, and save some money:  For 5GB of quota, mailbox.org costs €2.50/month, whereas Protonmail costs €5/month (€4/month if paid annually).  Those who need or desire high security MUST always use private keys which never in any way leave their own hardware.  This German-language discussion seems savvy.

    Side note:  I myself would prefer to correspond with security experts who use their own keys on their own hardware.  However, knowing one’s correspondent is integral to opsec; and I know that I can only assess the expertise of a correspondent by evaluating the human element.  I would rather suggest that n00bs use mailbox.org Guard from their malware-infested PCs than try to tell them how to manage PGP private keys on the same computers from which their bitcoins get stolen.

Negatives:

  • Last-minute addition:  Bitpay is currently broken in a way which will effectually prohibit Tor users.
  • Bitpay.  #NO2X, “WE WILL NEVER FORGET.”  I don’t totally boycott all Bitpay services; but a service must be truly excellent for me to endure grinding my teeth whilst sending precious bitcoins to a Bitpay address.  @mailbox.org, please consider setting up your own node!
  • Even for POP/IMAP users, the Web interface must be used for account settings and payment purposes; and the Web interface requires Javascript, lots of Javascript.  Besides being unfriendly to people who disable Javascript for security reasons, the gobs of Javascript are slow to download over Tor.
  • Google CAPTCHA required (only) at signup.  (They actually apologize for this on the signup page.)
  • “Guard” PGP features (untested/unused by me) require some level of trust in mailbox.org.  As said above, I think overall their setup looks about as safe as Protonmail.  With Protonmail, the server could perform a targeted attack by provoding Javascript which phones home the decrypted private key; with mailbox.org Guard, the server decrypts the private key, and could keep it that way if desired.  Really, what’s the substantive difference?



I will update this review if/as necessary from further experience with mailbox.org.

Version history:

2018-03-11:  Initial post.

This thread is self-moderated for reason that due to experience with spam and trolls, I self-moderate all threads started by me unless there be a good reason to do otherwise.
6  Economy / Reputation / Who is nullius? #nulldox on: March 08, 2018, 08:31:23 AM
There have been numerous theories as to who I am, what alts I am alleged to have, etc., etc.  I think a thread is needed which will facilitate an investigation of those theories.

First hereby, I present various theories by Quickseller and Alia.  I will reserve two more posts at the top of this thread to fill in quotes of theories presented by other users.

This thread is self-moderated, but I intend to exercise that power with a light touch here.  Sling at me what you wish.  (This provision applies to me only; I may limit things slung at other users.  Also, I may delete anything which I think violates forum rules.)

First, the latest theory:

https://web.archive.org/web/20180308082505/https://bitcointalk.org/index.php?topic=3038096.msg31832627#msg31832627
nullius = Hitler. [...] #dox'd



Now for other theories, and/or discussion of real or imaginary evidence:



https://web.archive.org/web/20180307003614/https://bitcointalk.org/index.php?topic=2945878.msg30951105#msg30951105

Quote from: Quickseller
He is not. However he does have a vested interest in seeing that lauda maintains a positive reputation.

Instead of seeing that lauda acts with integrity, he tries to get others to overlook laudas unethical actions.

nullius is lauda. That is very clear. Anyone who does not see this is simply closing their eyes.

Or at least, thanks for closing your eyes so you no longer see that I am very clearly Lauda.
I don't think you are lauda anymore, which should be clear by the post you quoted. I do still think you are a very dishonest person who has a long history of dishonesty. This is not something new to you, considering how long people have been calling you dishonest around here....I am pretty sure there are threads from 2011 in which people were calling you dishonest.



https://web.archive.org/web/20180307004116/https://bitcointalk.org/index.php?topic=3009430.msg30943291#msg30943291
If you compare what words he uses to other users around here to the words that are used by other members around here, and on reddit on r/bitcoin you will eventually figure out who he is. (note: you will have to analyze more than just vocabulary, but also words used before and after words, and analyze this on a large scale).





https://web.archive.org/web/20180307003722/https://bitcointalk.org/index.php?topic=3009430.msg31078761#msg31078761
Only a ‘Member’ ? Got to be somebodies ALT, I think QS might be right. An alt of who though?
Look at when he started posting, what he advocates for, news related to major bitcoin companies and of course overall dishonesty and you will figure out who he is.



https://web.archive.org/web/20180308082404/https://bitcointalk.org/index.php?topic=3032057.msg31830746#msg31830746

Next, master-P will return
It is interesting that, you, being new here made this reference...



https://web.archive.org/web/20180307004229/https://bitcointalk.org/index.php?topic=3038096.msg31742889#msg31742889
[— snip —]

Ironic. You have a lot of bitcoin knowledge yet you have never had a btctalk account before? Bullshit. You're probably some neg-trusted scammer as well. Until you start talking with your main account, I'll just presume that your main account also has -9999 trust. Not that it makes a difference to me, but you're being hypocritical
7  Economy / Reputation / Humber*, CasinoExpert, et al.: Alts, account sales, merit abuse, etc. on: March 04, 2018, 11:22:47 PM
Thread split from the merit abuse thread in Meta, since TryNinja beat me to the punch with something I had been investigating.

This is a labyrinth of alts and account sales.  I may edit and/or add to this post as evidence accrues.  At this point, there is sufficient documentation to issue feedback to many of the below-listed accounts, with this post as the reference.



Alts, and/or sold accounts made by same individual, and/or otherwise closely connected accounts:




Prima facie merit abusers, not currently suspected of being alts of the above (evidence welcome):




Need corroborating evidence connecting “CasinoExpert” to 1Q8PWr4LLNqQcqAwMYA8QwEyhpJm9Z7qRm:

#652487 “magemist” has been widely making the following (archived) accusation against “CasinoExpert” in many threads; however, “magemist” is not a trustworthy accuser.  It is not unlikely that this information be correct.  However, in my judgment, it needs corroboration:

Have 0.03 BTC wanna sell

PM OR POST
Dont believe this fucker.

He is running a scam here using multiple accounts all linked by this one address:
https://blockchain.info/address/1Q8PWr4LLNqQcqAwMYA8QwEyhpJm9Z7qRm

Just look at all the payments made mine being the last one made.

Other accounts: Humberone, Davidxxx and alot more.

Francisco Carjavel is his name he gave out.

The 1Q8PWr4LLNqQcqAwMYA8QwEyhpJm9Z7qRm address is used by at least the following accounts (list is a work in progress):

  • #1106392 “HumbertDice”, registered 2017-08-13 15:08:25 UTC; Jr. Member; trust summary; red-tagged by Lauda 2018-01-19 for multiple abuses.  56 activity, 73 posts, 0 merit.  Last active 2017-09-25 19:31:37 UTC.  Evidence (archived):

    Loan Amount : 0.005 btc
    Collateral : Bitcointalk account
    Loan reason     : Personal payment
    Your BTC Address  : 1Q8PWr4LLNqQcqAwMYA8QwEyhpJm9Z7qRm
    Date of repayment  : 3/08/2017
    amount to repay 0.0065btc
  • #1342249 HumbertxD, registered 2017-11-23 15:17:28 UTC; Newbie; password recently reset, according to trust summary; red-tagged by Lauda 2017-12-07 for multiple abuses. 13 activity, 13 posts, 0 merit.  Last active 2018-02-18 01:24:05 UTC.  Evidence (archived) from OP of topic titled, “!!!!!!!!!!!!!Bitcoin transaction accelerator FREE !!!!!!!!!!!!!!!!!!”:

    Hello friend, I can help you to accelerate your free transactions and it would be good if you helped me to donate since I need for my operation

    Just leave your txid and your transactions will be accelerated in minutes if I am available

    Wallet donation: 1Q8PWr4LLNqQcqAwMYA8QwEyhpJm9Z7qRm

    Thank you



Cut and paste of notes from the Meta thread:

https://bitcointalk.org/index.php?action=merit;u=1644102

Replaced with archival links; red stars added to mark out posts merited multiple times:
Quote
Merit summary for HumberWins

Merit: 10

Sent in the last 120 days

Received in the last 120 days




- CasinoExpert also tells someone to contact him over the email francis1997a@outlook.com in this post.

https://web.archive.org/web/20180304231119/https://bitcointalk.org/index.php?topic=2751296.msg31219406#msg31219406

- The email francis1997a@outlook.com is connected to the user ser1ck which is a scammer connected to multiple scam accounts as explained by Timelord2067 in this post.



- The user HumberWins (who received 10 merits from CasinoExpert), uses the email caevajus8181@gmail.com in this post.

https://web.archive.org/web/20180304224458/https://bitcointalk.org/index.php?topic=2816184.msg28984243#msg28984243

- The user YoYoBot also uses the same email in this post.

https://web.archive.org/web/20180304224426/https://bitcointalk.org/index.php?topic=2665015.msg27182671#msg27182671

(Good catch.  I had not caught that e-mail yet.)


https://web.archive.org/web/20180304224409/https://bitcointalk.org/index.php?topic=3047492.msg31366785#msg31366785
8  Other / Politics & Society / On false dichotomies, Tweedledum vs. Tweedledee, and why YOU SHOULD NEVER VOTE! on: March 03, 2018, 11:56:40 PM
Thread split:

Which makes me think of another theory. The entire crypto space is under attack by Russians with an attempt to get nullius elected president of the US where nullius is really a US citizen.

What’s the probability?  (...that “WANTED” poster did say “politically incorrect”, did it not?)

As for US-USSR being distinct without difference—why yes, I think you’re right.  They’re evil twins.



@nullius

Trump or Hillary?

Obama is not up for vote  ;D

Neither are those two. Election ended 16 months ago, try to keep up.

Well, let’s consider the question in the hypothetical:

So, @criptix, do you mean the corrupt billionaire who once tried to turn some working folks’ homes into a casino parking garage, but now styles himself as a conservative hero of the working class—versus the corrupt millionaire political-Mrs. who drips empathy out of her limousine onto the welfare class who feeds off the working class?

At least, I think that Trump is marginally less likely to destroy the entire world than Hillary would have been.  I suppose that’s important to me.

Anyway, if I were American, I’d take Tweedledum.  No, wait—Tweedledee.  No—  I can’t decide!

I think the correct choice is neither.

Loading image of Tweedledum and Tweedledee...

This is why I say:  Don’t vote.  By voting, you grant your moral and practical political endorsements to a corrupt system:  An ochlocracy manipulated by a plutocracy.  The result is kakocracy:  Rule of the worst.

If you vote, then you are part of the problem.



(Note:  This thread is self-moderated, because I don’t want to inadvertently create yet another spam megathread for idiots trying to bump their post counts.  Illiterate one-liners and other low-quality posts will be deleted with extreme prejudice.  So will posts by both Trumpists, Hillary-drones, all Americans, and anybody who votes.  Hahah, just kidding.  Flame away!)
9  Other / Politics & Society / Why are Americans so fat? on: March 03, 2018, 11:54:09 PM
Seriously.  In both the East and the West, everybody asks this question.

Loading image...

Oh, dear me.  Pardon, I must go AFK to bathe my eyeballs in bleach.

Why!?



(This thread is self-moderated, because I don’t want to inadvertently create yet another spam megathread for idiots trying to bump their post counts.  Illiterate one-liners and other low-quality posts will be deleted with extreme prejudice.  Let’s keep this thread fit and trim.  But here, I will not delete posts I simply disagree with.  Flame away!)
10  Other / Meta / Ban evasion: Banned #1423316 “Anti-Cen” = #1801074 “RNC” ≟ #376659 “dinofelis” on: March 02, 2018, 07:42:41 PM
I hereby request that admins investigate and permaban this person:


The foregoing list may be edited by me if/as new evidence and potential new connections are discovered.

I have previously reported #1423316 “Anti-Cen” to admins for the following threat PM which “Anti-Cen” sent to me.  Alhough I have reason to believe that the user was banned shortly thereafter, I do not know the formal reasons for the ban.

Subject: YOU BIT OF SHIT
You will be trolled by me across the internet and I will show you for the lying bit of scum you are

Archived image:

Loading image of threat PM...

On 2018-02-26, “RNC” resurrected a thread from December 2017 with immediate attacks on achow101 and me, in that order.  I immediately recognized an “Anti-Cen”/“dinofelis” attempt to bait me into a flamewar (which I avoid in Dev & Tech); I thus promptly made it clear that I wasn’t biting.

Code:
        +-------------------+             .:\:\:/:/:.            
         |   PLEASE DO NOT   |            :.:\:\:/:/:.:          
         |  FEED THE TROLLS  |           :=.' -   - '.=:          
         |                   |           '=(\ 9   9 /)='          
         |   Thank you,      |              (  (_)  )            
         |       Management  |              /`-vvv-'\            
         +-------------------+             /         \            
                 |  |        @@@          / /|,,,,,|\ \          
                 |  |        @@@         /_//  /^\  \\_\          
   @x@@x@        |  |         |/         WW(  (   )  )WW          
   \||||/        |  |        \|           __\,,\ /,,/__          
    \||/         |  |         |          (______Y______)          
/\/\/\/\/\/\/\/\//\/\\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
==================================================================

Other users attempted to reason with “RNC”, until an argument escalated to the point wherein “RNC” defiantly admitted to being banned user “Anti-Cen” (archive as linked above; all formatting as in the original):


@DooMAD: This whole gibberish is exactly the tone and voice of Anti-Cen and dinofelis. Even the low level newbies here in the forum can make a text comparison on the posts, and understand that there is the same incentive, just under different names.

You are right, 100% right and indeed I am anti-cen which is short for anti censorship but here i met a nazi in the form of a moderator
who dare not allow open debate which I have reported and advise him to return back to 1930's Germany so that he can burn a few more books.

Yes please laugh by exposing a banned account but really the joke is on you if you need the service of a bias PR officer to protect you from a
few home truths around here.

The "newbies" here would be the ones your trying to convert into harden gambling addicts with the loaded propaganda that is being pumped out
here and this is why you fear me and ban number two is coming up so credit for spotting the obvious but i did not try to hide it anyway but your not that
smart because no one writes like me and you now need to apologize to dinofelis because your witch hunt lead you to an innocent man.

Would you like me to PM you a list of the bottom sniffers I have compiled here, paid thugs they send in since we are exchanging names not that your on the list and
I don't even hold it against you for exposing my real name that I would like back anyway.

Holly shit batman, RNC is Anti-Cen in disguise so I wonder why he's is having to do that Batman


Snapshot of the whole thread wherein “RNC” admitted to ban evasion:
https://web.archive.org/web/20180302174206/https://bitcointalk.org/index.php?topic=2617240.0;all

Snapshot of profile for #1801074 “RNC”:
https://web.archive.org/web/20180302175807/https://bitcointalk.org/index.php?action=profile;u=1801074

I know of no means to obtain an atomic snapshot of all a user’s posts; this is the closest I can get for #1801074 “RNC”:

https://web.archive.org/web/20180302174609/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts

https://web.archive.org/web/20180302175055/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts;start=20

https://web.archive.org/web/20180302175108/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts;start=40

https://web.archive.org/web/20180302175130/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts;start=60

https://web.archive.org/web/20180302175146/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts;start=80

https://web.archive.org/web/20180302175150/https://bitcointalk.org/index.php?action=profile;u=1801074;sa=showPosts;start=100

I believe the case is clear for an immediate permaban of the individual behind the “Anti-Cen” and “RNC” accounts, on the basis of ban evasion.




In re #376659 “dinofelis”

“RNC’s” 12th post, made less than 8 hours after creating the account, was a reply to a subtopic titled “Re: DINOFELIS is the actual troll”—in reply to a user who had been addressing “dinofelis”.  Observe that “RNC’s” use of language, punctuation, and even odd line breaks are a perfect match for “dinofelis”:

That isn't what he said, and you know it.

dinofelis, your only discernible input on this forum is misrepresenting facts in a (kind of) subtle way. Well, you're also good at avoiding direct debunking of the things you say which aren't true.

You ought really to be banned, as it's too obvious that you're not interested in any kind of constructive debate, and never have been (unfortunately, dinofelis is likely the owner of many accounts that have been created with a suspiciously similar style of debate, only adding to the perception that the owner is very intent on wasting everyone's time on Bitcointalk.org)

Are you the one they send in to abuse people and if they answer back they get banned because many of you're posts seem to be picking a fight with people not
quite seeing things your way.

Quote
That isn't going to be happening, the best strategy with your posts is to skim-read them until one finds the deliberate errors you try to promote as facts

I wonder why you have not been banned or are you in with the owners ?

Archive:
https://web.archive.org/web/20180302175658/https://bitcointalk.org/index.php?topic=2786690.msg29667749#msg29667749

This occurred in a flame thread, soon thereafter locked by the moderator.

I noticed the “RNC”/“dinofelis” connection immediately, on 2018-02-05; but I did not say anything to anybody about it, until after I saw the same connection independently observed by another well-respected regular in Dev & Tech.  In addressing DooMAD’s attempt to reason with “RNC”, pebwindkraft said (boldface added):

@DooMAD: This whole gibberish is exactly the tone and voice of Anti-Cen and dinofelis. Even the low level newbies here in the forum can make a text comparison on the posts, and understand that there is the same incentive, just under different names.

I had noticed the “dinofelis”/“Anti-Cen” similarity before the “RNC” account was even created, although I kept such suspicions to myself.  Both accounts post long screeds attacking Bitcoin, Core developers, Segwit, the Lightning Network, etc., etc.  Both accounts make the same claim of superior knowledge; both accounts not only commit serious technical errors in their claims, but make the same technical errors.  Both accounts have similar style of writing, argumentation, punctuation, and formatting.

Although I kept earlier suspicions of alt accounts to myself, I had it on my mind when I previously mentioned the banned “Anti-Cen” in the same breath as “dinofelis” in a Meta discussion of Dev & Tech trolls:

A few recent examples of “misinformation” trolls:

  • In the thread I started on Bitcoin’s Public-Key Security Level (OP currently +18), Anti-Cen #1423316 posted so much gibberish about using Microsoft Windows RSACryptoServiceProvider(512) for Bitcoin keys (!) that I myself had difficulty wading through it to pick out the real replies so I could respond to them.  That has a real impact on readers.  Anti-Cen’s post history includes claims of his own extraordinary expertise to support grossly wrong technical statements about Bitcoin, extreme hostility toward Core, a persistent suggestion that fees be capped at 1.5 (without specifying a unit), etc., etc....  At some point, I gathered a representative selection of quotes from Anti-Cen’s posts.  As I have not hereto revealed publicly, Anti-Cen has also tried to bait me by PM.  I think that Anti-Cen is probably the most odious troll in Dev & Tech right now.
  • In a thread ChiBitCTy started on Important Lighting Network reading- for everyone! (OP currently +9, including +1 from me), dinofelis #376659 derailed the thread into discussion of his attack on nodes:  “Nodes are ‘vote by IP number’, which is what Satoshi wanted to nullify by vote by PoW”, “The only reason why they talk Joes into running nodes in their basement, is because bitcoin needs a story, and decentralization sounds like a good selling argument”, “nobody will give a shit that 10 000 Joes find their nodes switching off because they don't find the ‘right’ block chain any more”, etc., etc., plus a sprinkle of crazy:  “People very knowledgeable of that system cannot ignore the basic design principles of that system, can they ?  So there must be a deceptive reason for telling this [that the system is decentralized —Ed.], given that it is objectively wrong.”  I tried to cut the discussion offI mean it—so as to set the thread back on track.  Any thread which catches dinofelis’ attention is liable to go in a similar direction.  I see that Wind_FURY seems to be trying to draw fire, I presume to unclog other threads.  I’d expect that all the technically competent regulars must be sick of dinofelis.

[...]

I argue that the foregoing establishes a prima facie case for linking “dinofelis” as the primary alt of confirmed ban-evader “Anti-Cen”/“dinofelis”.  Whereupon, I request that admins investigate and take appropriate action.

I will also be investigating further, and dropping quotes/archive links into this thread.  I encourage other users to do their own investigations, and post their evidence.

Here’s to a troll-free Development & Technology Discussion forum.
11  Economy / Reputation / Hate mail from spammers and other forum abusers on: February 27, 2018, 10:17:00 AM
The purpose of this thread is to publish hate-mail, whines, threats, etc. I receive for spamfighting activity, in cases where no other pertinent thread exists.  If/where warranted, I may then use posts here as references for issuing negative trust feedback.



To inaugurate this thread, following is my very first hate-note specifically for spamfighting activities on this forum.  (I have previously (2018-02-16) received a PM threat from a troll who was subsequently banned.)



PM from: #1431219 “quyhj94”
Activity: 70
Merit: 0
Posts: 124
Account (archived) personal text: “Thu Quy”
Account current signature: “ARCBLOCK ┃PRIVATE SALE OPEN ON 12TH -28 JANUARY ┃ARCBLOCK  (https://www. arcblock .io/)” [spaces added to prevent URL from linkifying]

Prior history:  Merit-beggar who spammed the forum repeatedly begging for merit.  Red-tagged by me 2018-02-05, later by others.  Note:  #1809792 “littlepony” left this user two positive feedbacks on 2018-02-17, in a self-evident (futile!) attempt to counteract negative feedbacks.  “littlepony” has an account (archived) “website” field consisting of a reflink for bountyplatform.io.  I am red-tagging “littlepony” for trust farming; see below.  I should thank “quyhj94” for bringing this to my attention with its hate-PM.

Subject: Fuck you bitch !
Fuck you bitch !



After I post this, I will leave additional negative trust feedback for #1431219 “quyhj94” with this post as a reference, and the following comment:

Quote from: nullius
Vitriolically unrepentant merit-beggar.  Repeatedly red-tagged for merit begging and spamming the forum to beg for merit; negative feedback issued by me on 2018-02-05, by Vod on 2018-02-06, and by DannyHamilton on 2018-02-20.  Subsequently sent me a hate-PM:

Date: 2018-02-27 09:08:29Z
Subject: Fuck you bitch !
Text: “Fuck you bitch !”

Such a renegade response from one who has been caught doing wrong is demonstrative of an incorrigible and *untrustworthy* character.  AVOID.

(Note:  This account #1431219 was sent two transparent sham positive feedbacks on 2018-02-17 from #1809792 “littlepony” in a bald-faced attempt to counteract deserved and documented negative feedbacks.  See reference link.)

(Also note:  As of the time I post this, this account #1431219’s trust page bears the notation, “This user's password was reset recently.”  The same notation appears on #1809792’s trust page.  For investigative purposes *only*, I here articulate a suspicion that these “users” may be farmed and traded sockpuppet accounts.)

This feedback is made consistently with my trust feedback policy:
https://bitcointalk.org/index.php?topic=3009256.0



After I post this, I will leave negative feedback for #1809792 “littlepony” with this post as a reference, and the following comment:

Quote from: nullius
Trust-farming.  On 2018-02-17, #1809792 “littlepony” left two positive trust feedbacks for #1431219 “quyhj94” in a self-evident (futile!) attempt to counteract negative trust feedback which “quyhj94” had received for merit-begging and spamming the forum to beg for merit.

Pertinent history (excluding a neutral feedback for “quyhj94” 2018-02-05 for merit-begging, and also *another* negative feedback for “quyhj94” 2018-02-20 for merit-begging):

nullius’ negative feedback to #1431219 “quyhj94”
Date: 2018-02-05
Risked BTC amount: 0.00000000
Reference: https://web.archive.org/web/20180205161858/https://bitcointalk.org/index.php?topic=2818350.msg29662555#msg29662555
Comment: “Has spammed almost identical ‘Dear my friend’ merit-begging posts into multiple threads (one of which is archived in reference). FOR SHAME, AND FOR SHAME AGAIN! (Note: At the time of this writing, quyhj94’s trust page says, ‘This user's password was reset recently.’)”

Vod’s negative feedback to #1431219 “quyhj94”
Date: 2018-02-06
Risked BTC amount: 0.00000000
Reference: https://bitcointalk.org/index.php?topic=2818350.msg29662555#msg29662555
Comment: “Spamming the forum asking for merit.”

#1809792 “littlepony” positive feedback to #1431219 “quyhj94”
Date: 2018-02-17
Risked BTC amount: 0.00000000
Reference: (none)
Comment: “Why?”

#1809792 “littlepony” positive feedback to #1431219 “quyhj94”
Date: 2018-02-17
Risked BTC amount: 0.00000000
Reference: (none)
Comment: “I believe him, he is good man !”

(Side note that #1431219’s “Gender” field says “Female”.  On the Internet, who knows.  Anyway, she is not good man ! )
https://web.archive.org/web/20180227092533/https://bitcointalk.org/index.php?action=profile;u=1431219

(Also note:  As of the time I post this, this account #1809792’s trust page bears the notation, “This user's password was reset recently.”  The same notation appears on #1431219’s trust page.  For investigative purposes *only*, I here articulate a suspicion that these “users” may be farmed and traded sockpuppet accounts.)

Leaving sham positive trust feedback for the transparent dominant purpose of attempting to counteract deserved and documented negative feedback is *untrustworthy behaviour*.

This feedback is made consistently with my trust feedback policy:
https://bitcointalk.org/index.php?topic=3009256.0



Whines > /dev/null.  Otherwise, shall be published here.



Edited to add note about both #1809792 and #1431219 having recently reset passwords.  Both negative feedbacks have been adjusted to note this; also, to cross-reference the trust farming.  “For investigative purposes *only*, I here articulate a suspicion that these ‘users’ may be farmed and traded sockpuppet accounts.”
12  Economy / Reputation / #1183469 “trugad” trust farming (multiple users) on: February 25, 2018, 09:08:31 PM
This thread is a fork of a thread which was started by #1183469 “trugad”, then apparently locked by him after things didn’t go his way.  Besides providing a place to continue discussion if warranted, the principal purpose hereof is to discuss appropriate action as for users who sent positive trust feedback to “trugad” upon his own admitted solicitation:

And then another question: how to earn a positive "trust"? I asked my clients to write me a positive opinion, but they do not count.

Pertinent links:


Following is a mostly chronological list of users who have left positive feedback for “trugad”—based on the key date of 2018-02-21, when ibminer left “trugad” negative feedback.  Unless otherwise stated, allegation of risked BTC is 0.0 and no reference link is provided.  Almost all the comments are only generic praise.  Comments are quoted only where I have not previously provided documentation (new feedback in the past 16 hours or so).


I will immediately follow up with quotes of negative feedback which I myself have already left.  This provides further documentation, as well as translation of some Russian.  I have only processed a few thus far, since I don’t shoot from the hip; it takes time for me to consider these and write informative comments.

At my exclusive discretion, I reserve the right to publicly post any PMs received by me (0) on the subject of negative trust feedback left by me, and/or (1) in relation to such a public discussion as this one.

This thread is self-moderated to prevent trolling.  I will be fair.  In particular, I wouldn’t want to lose the posts of people who object to their own negative trust feedback; indeed, it may be noted, I tend to archive those.

This post may be edited to add or update information as the thread progresses, and/or to correct typographical errors.
13  Other / Off-topic / Nullian Trust Feedback Policy [Working Draft] on: February 24, 2018, 02:29:06 AM
This policy is conceptual and explanatory—not a binding promise, and not to be applied by me mechanistically.

Credit:  The concept (but not substance) hereof is loosely inspired in part by DannyHamilton’s merit sending policy.

The current version hereof is a working draft.  I expect that this post will be edited over time.  If/when I make significant modifications, I will archive old versions in some reasonable manner.



Positive trust feedback may be left by me in cases whereby:

0. I have observed a person’s character to the degree that I am willing to vouch that this person is trustworthy.  My judgments as such are extremely conservative.

1. I have engaged in a business partership with a person, or a business relation of similar magnitude, and found this person to be trustworthy.  If a definite amount of “risked BTC” can be objectively calculated, it will be stated in the amount field; otherwise, not.

2. I have risked a large amount of Bitcoin on a person’s trustworthiness, and found it thus sound.  The amount will be stated in the amount field.

3a. I have repeatedly risked moderate amounts of Bitcoin on a person’s trustworthiness over a long period of time, and found the person thus trustworthy.  This would add to and amplify earlier neutral feedback.

3b. I have risked a moderate amount of Bitcoin on a person’s trustworthiness, and have seen other substantially impressive evidence of this person’s trustworthiness.  “Risked BTC” may be stated.

4. I know the person “in real life”, and find this person to be trustworthy.  Outside myself, I have no linkage between “IRL” and “nullius”; thus, this is inapplicable.  I put this here as a conceptual note.

General note:  I am extremely conservative in matters of trust.  I do not trust easily; and most of all, I do not vouch lightly.  If you have been trustworthy to me and you do not receive positive feedback, please do not take that as a slight.  It simply means that I do not yet know you well enough to vouch for you to entire world.  Positive trust feedback from me is meaningful, because my standards are high.

N.b. that as of the moment I write this, I have never yet left anybody positive trust feedback.  I may issue some positive feedback soon.



Neutral trust feedback may be left by me for:

0. Transactions in which I have risked a small or moderate amount of BTC on a person’s trustworthiness, and thus found it to be sound.  The amount will be stated in the pertinent field.  (Many such transactions over a long period of time may result in me also adding positive feedback, as stated above.)

1. Opinions or other statements about a person, which do not pertain to that person’s trustworthiness.

2. Statements about the technical competency of an individual.  E.g., “This person is a Bitcoin expert, whose posts in Dev & Tech may be relied upon for correctness.”

3. Evaluations of a person which may in some way pertain to trust, but of which I am not sufficiently certain to issue positive or negative feedback.  E.g., “This person seems trustworthy to me; but we are only now just getting to know each other.”

4. Something wrongful which previously resulted in negative feedback, which the person has so fully corrected that I deem not only material, but also moral debts to have been repaid.  Expect for this to be rare or nonexistent.  I am not a forgiving person.



Negative distrust feedback will be left by me in cases of dishonest or otherwise criminal behaviour:

  • Scamming
  • Spamming
  • Abuse of the forum’s trust and/or merit systems:  Begging, “farming”, buying/selling, etc.
  • Account selling; materially deceptive use of alts (in practice, most uses of alts).
  • Theft
  • Fraud
  • Gossip, rumour-mongering, character assassination, misinformation, and disinformation (including mendacious promotion of scamforks).
  • Crime, whether or not listed here, as defined by my own moral philosophy and not by local legislation.  (Committing crime; or condoning crime in some egregious manner which goes beyond expression of reasonable opinions.  Some examples which come to mind in this context:  Drug dealing, kidporn.)
  • Threats of violence or other significant harm to innocent people.
  • Doxing of an innocent person; improperly seeking identifying information about an innocent person; or otherwise violations of privacy.
  • Improper or retaliatory negative trust feedback.
  • Any other behaviour which shows manifest dishonesty, a reprehensible character, or otherwise untrustworthiness.

The easiest way to understand my negative feedback policy is to observe that each and all of the foregoing are sound reasons to declare, “I distrust this person!”



This topic is self-moderated.

Do not request removal of negative trust feedback here.  Such posts will be archived and deleted.  Discussions of specific instances of feedback belong in the Reputation forum, if there be any discussion to be had.

Anything else may be deleted at my sole discretion.
14  Other / Meta / Cloudflare requiring Javascript for Tor users (and others?) on: February 23, 2018, 12:53:08 AM
[Edit:  @mods, apologies for making this a new thread.  I tried to post it in the Cloudflare thread.  When Cloudflare ate my post and threw me back to a blank form as described below, I did not realize SMF’s reply info somehow got lost—thus resulting in a new thread.  Meta won’t let me delete my own topic; I just tried.]


@theymos, you’ve always been supportive of privacy and security.  Please be aware that Cloudflare is blocking those who use Tor for the former, and disable Javascript for the latter:

Loading image of Cloudflare block...

This is not the first time this has happened.  Last time, you posted a note in some Meta thread indicating that there was a DDoS attack.  Usually, the forced-Javascript screen has gone away if I waited an unpredictable time; however, insofar as I can gather, waiting will only work from fresh browsers without “cf_*” cookies.

I observed 5xx Cloudflare errors, earlier.  It’s not even keeping the site up!  Unreliable, incompetent DDoS protection which decrypts all user traffic and forces users to let Cloudflare run unknown, unexplained code on their machines—this is not a very good deal.



Sorry this post is convoluted.  Cloudflare is now requiring users to keep Javascript enabled; I have not seen this before on this forum!  Cloudflare almost ate my post with its “examination” page; when I first tried to post, I was redirected to a blank forum.  It is fortunate that I use an external text editor...



I used some weird ephemeral setup to get in here and post this.  Since I am not inclined to run Cloudflare cavity-search code in the dedicated browser instance I use for the Bitcoin Forum, this is problematic.

Not-yet-working suggested workaround for JS-disabling Tor users:  Try moving cookies between a “weird ephemeral setup” and your usual browser.  I got a new “cf_clearance” cookie (with expiry time just over a day), but I must have missed something else.  (...such as the fact that it’s now continuously requiring Javascript.)
15  Other / Off-topic / poGium argues with nullius on: February 19, 2018, 11:01:32 AM
Transplanted from here, where it was continuing and escalating an off-topic argument wherein I’d said I’d avoid further reply.  I can’t stop the argument from escalating, since others are involved; so I will transplant it instead.

This thread is self-moderated, because there are too many trolls on this forum; in the interest of fairness, for this particular thread, I will not censor replies by poGium, or censor other replies simply on the basis of disagreement.  [Edit again:  Undid a thread subject edit which was not necessary after all.]

I'd love to be an alt of nullius.

Can you tell me exactly where I wrote that you are nullius alt account? That's the problem with this thread. It's not just about alt accounts that abuse the Merit system, but also accounts that abuse the Merit system, which are not alt accounts (between friends). And in my opinion, this is clearly happening. Friends who give other friends sMerits.


Well, Alia, were I your alt, then I’d be so much prettier.  Also, I would get paid to gratify myself.  Also, I would be able to gratify myself whilst receiving lessons from me in “the techy crypto stuff”.

By the way, congratulations on having invented Bitcoin!  (satoshi = nullius = alia)

And again. Where do I write something about alt account?

Can you tell me where either Alia or I said you did?  Your initial complaint vaguely alleged that we were “very suspicious”.  Another poster raised the alt-account issue in the sense of “obviously not”.  I’ve recently been accused of being both Lauda and Satoshi.  Alia and I have now been making fun of the idea.  Laugh.  It’s funny.

(For the record, I think that you have a grudge against Alia

I have no grudge against her or you.

I posited a grudge, because you had materially misrepresented her as if seeking to by drugs online:

About every week she opens a new thread. Either she wants to sell something (herself (no reproach!)) or she wants to buy drugs, or she wants to borrow money (in my opinion, for the strangest reasons  Roll Eyes) and so on. Honestly she seems very suspicious to me.

Any reasonable reader would infer from that that she was buying drugs online, which she was not doing in any way, shape, or form.  This misstatement by you was either careless to the point of negligence, or malicious.  I lean toward the latter, because you snipped from your reply to me the part of the quote with a link to the pertinent thread, so as to prevent readers to assessing the situation for themselves.

You quoted as such:

(For the record, I think that you have a grudge against Alia

...whilst omitting this important context (boldface here supplied):

(For the record, I think that you have a grudge against Alia, me, or both of us.  You grossly misrepresented Alia’s posts in another thread (discussion is halfway through the linked post).)

N.b., I myself snip quotes hard—but I am always careful to do so fairly.  (I do not trim down quotes here, because it’s a thread transplant; and I want for readers to see everything poGium wrote.)

She has shown me in her thread what morality she has in terms of girlfriend and boyfriend. I can not respect people who cheat on their partners! In her thread she has written that cheating is only bad when the other person finds out.

Why thank you. I don't condone cheating, but what she doesn't know won't hurt her - pretend you're watching ordinary porn. I wouldn't mind if she joined in, either Wink

You have evidently never heard the aphorism that “the prostitute0 protects the virtue of the wife”.  That’s ok.  It is usually only known to leaders, moral/political philosophers, and others who must grapple with the bare fact that the vast majority of men will never be satisfied with only one woman.  In a society which purports to be monogynous (not a typo—look it up), some sort of hypocritical pressure release valve is necessary; otherwise, many men would pursue the nearest available “other woman”, such as the neighbour’s wife.  This is one of several reasons why prostitution has been formally discouraged, but tacitly tolerated throughout history in many (if not most) civilized societies which purported monogyny.

Whatever you might be told at church, I suspect you’d much prefer for your neighbour to ogle Alia online—rather than getting wound up to the point of trying to scheme to seduce your wife.  Yes, that’s dichotomy; but those who understand human nature will know, it is not a false dichotomy.

(0. Alia’s not what many people consider a prostitute, since she only does this online.  I myself will avoid the hairsplitting.  Anyway, I prefer calling her my lovely meretrix.  Advantage to me:  I don’t expect that she would ever be in the least bit interested in my even pretending monogyny.  That’s important to me, because I am Mr. Principled:  I don’t lie or cheat.  That’s right, I’ve never cheated on a woman in the sense of going promising one thing and doing another.  I simply have never promised a woman that I’d be monogynous.  If a woman dislikes that, she is more than encouraged to seek elsewhere from the get-go.)

But let's get back to the merit system.

In this thread, the OP asks if it's okay to give a friend sMerits. The answers are clear, because it is said that you can give sMerits to a friend as long as the posts are high quality.

https://bitcointalk.org/index.php?topic=2835874.0

While we will not be directly moderating this, I encourage people to give merit to posts that are objectively high-quality, not just posts that you agree with.

In addition, theymos writes that you should give sMerits to posts that have an objectively high quality and not on posts you agree with. So as I understand it, you should not see the merit system as a "Like" button, but distribute sMerits to posts that have a high quality.

*sigh*

There is no way to prove a negative.

And now we look at this post. Did you give a sMerit here because it shows a high quality or because you (as always, it is ONLY nullius) agree?

First of all, you’re mixing different issues.  Deliberately, it seems.

You started this by formally accusing Alia (curiously, not me) of merit abuse,1 in a thread where DT members are actively red-tagging merit abusers.  To my knowledge, no DT member has ever red-tagged a user for (mis)using the merit system as a “Like” button.  Given the inherent subjectivity involved in a merit award, such a thing would be impossible to enforce!  Then to support your argument, you quote theymos saying what he would “encourage”—right after he said, “we will not be directly moderating this”.

(1. I mean “formally” in a standard format, replete with a section titled “PROOF”.  The standard-form part of your accusation only listed Alia’s profile and merit summary.  Later, obiter dicta, you said, “I think you should watch them” (thus including me).)

On the one side:  DT members (not moderators), enforcing one standards.  On the other:  theymos encouraging a different standard, but not moderating or enforcing it.

Second of all—well, as I said and you quoted:

I am not obligated to justify my merit award judgments

I did before, because I felt like it.  Now, I won’t bother; for you have not displayed even the slightest comprehension of any of the posts whereby you’ve questioned my judgment.  Readers can make up their own minds.

Third of all, I myself don’t buy into the pretense of total objectivity in merit awards.  It is neither desirable, nor humanly possible; and although objective factors should weight heavily, there will always be some level of subjectivity in such a thing.

By way of analogy:  It is possible for an educated reader for an objective reader to discern the fundamental distinction between good and bad poetry.  But even the most intelligent, discerning readers will not choose the same poems as their favourites.

sMerit supply is limited.  Favourites must be chosen.  I myself look for posts which have a baseline objective level of meritoriousness, then perforce choose my “favourites” between them based on a mix of subjective and objective factors.  Whereas I am more capable of objectivity than most people are, I think I do fairly well with that.

I am not obligated to justify my merit award judgments

What bothers me about the whole thing additionally is the double standard of some DTs. As I mentioned earlier, such a behavior is tolleriert, but on the other hand, other people are given a negative tag, because they get sMerits, which could have the same cause, as in this case.

(Red-quoted word addressed below.)

There’s no double-standard.  People who post junk and pump their merit score by trades with friends get red-tagged.  Friends and otherwise-related people who make generally high-quality posts are not red-tagged for finding each others’ posts meritorious.

The part you leave out in your allegation of a double standard is that the people who get red-tagged are posting garbage, and/or awarding merit for their friends’ garbage.  The omission is typical of people who whine about DT actions.  Usually, they whine for a reason—cui bono?  Quoting you:  “That is very suspicious...  I think [DT] should watch [you].”

So, on the face of the matter, we’re talking about a 19-year-old who has never tried drugs and is curious about them.  That’s it.  (How many 19-year-olds have never tried drugs, including marijuana?)

I never said that I find it reprehensible that she takes drugs. It's her decision, why should I care? I only mentioned it because she opened a thread to it.

Many people would find it reprehensible if she were trying to buy drugs online.  (That includes me, by the way.)  You misrepresented her with an insinuation that she was doing that—that she was doing something which many, many people (including me) would find reprehensible.

You also misrepresented her as doing something illegal.  Actually, you misrepresented her as doing something which would be a death-penalty crime in her country—as she has openly disclosed in the drug-related thread you omitted linking.  (There, she made it profusely clear that she would never possess drugs in her home country, ever—Amsterdam OK, at home not.)  I myself don’t give a damn about “law”; but misrepresenting her as doing illegal activity would make her look very bad to most people.

I find it interesting that you’re so outraged that a virtual meretrix does camshows for men who are cheating, yet you seem to think that drug use is none of anybody’s business (you said it’s “her decision”; so I suppose it must be a so-called “victimless crime”, ja?).  I find that morally backwards, insofar as drug use is both individual and social poison—whereas what Alia does is really quite harmless.

Given the attitude about sex, I’d ask if you were American; but your inadvertent use of the word “tolleriert” (quoted above in red) indicates a native speaker of the German language.  Interesting.
16  Economy / Reputation / Lauda is a WITCH, who cast an evil spell on me! BURN THE WITCH! on: February 18, 2018, 08:49:03 PM
Many of you have seen me speaking out in support of Lauda.  I must now purge my soul by coming forward to tell THE TRUTH:  My words and actions were not my own, for Lauda cast a spell on me using dark powers of witchcraft!

Lauda is a WITCH.  This witch must be BURNT AT THE STAKE!  BURN THE WITCH!  BURN!!!11

Hear my testimony, that I may be free of this hell-spawned influence:

As all men, I am fallible unto the sins of pride and vanity.  The secret cabal of BLOCKSTREAM CORE, of which Lauda is a minion, did sense in me this weakness; and they tempted me to attend their wicked rites under the full moon at midnight on 1 February 2018 UTC.  ’Twas a Blue Moon, and suchmoon as I have never seen!

I was stripped naked and bound to a tree.  Dark incantations were chanted, beneath the watchful gaze of a Segregated Witness.  Then stepped forth LAUDA, who invoked an evil name and held to my lips a goblet brimming with the potion of red trust.  Whereupon I became enthralled, a slave unto the whims of this diabolical power known as “Lauda” and by so many other wicked names.

Ever since that moment, I am become possessed by Lauda!

I call on all good people of this forum to cleanse this witch from our midst.

First, Lauda must be made to confess.  The WITCH must be burnt with hot irons, torn on the rack, and subjected to daily smear threads filled with rapid-fire baseless accusations (whereas “a lie a day keeps the cat at bay,” ’tis a quickselling proverb).  It is well-known that at trial for witchcraft, the witch will deny or even refuse to answer to witchcraft charges.  LAUDA MUST BE MADE TO ANSWER!

Then, Lauda must be BURNT AT THE STAKE as scammers filled with impotent lust for revenge Lauda’s VICTIMS watch the flames consume this servant of the devil:


Somebody with graphic skills, please edit to change to a cat.  Thanks.

I must thank the noble Quickseller for opening my eyes with his ceaseless inquisitions into Lauda’s evil, and also the valiant OgNasty for his manly courage in standing up to the witch Lauda:


The witch Lauda must be forced to confess, then BURNED!

BURN THE WITCH!

BURN!
17  Other / Off-topic / Ciphersex 101 [NSFW] on: February 17, 2018, 08:04:14 AM
[Note:  One of my motives which led to my unlucky assocation with Alia was my desire for someone to work with for an erotic Bitcoin art project.  For now, I will leave my intentions a mystery; but girls who have really gone Bitcoin should feel free to contact me if curious.  Moreover, I will revive and continue this thread if/when I have suitable other(s) with whom to make cryptolove.  For I believe in the virtue of Ciphersex, q.v. — nullius, 2018-03-08]



I’m here with the lovely Alia.  In case you don’t yet know who she is, Alia is the saucy lass who posted this two days after signing up for the forum:

I think I'm an outlier. If I have 100 merit in 30 days, I'll eat all my words and post a vid of me masturbating to a merit infographic

Whereupon I wrote her an open letter.  We hit it off.

Alia is enthusiastic about cryptography, a subject about which I myself am passionate in every sense:  I am thrilled by the touch of numbers, the look of elliptic curves, the scent of algorithms in rut, the sound of exponential moaning, and most of all, the taste of Alia’s own private cipher.  I offered to educate her:

Of course, I’d be happy to help you increase your technical knowledge.  I’ve spent plenty of my time doing that for people who are far less—charming.  When you see what secp256k1 looks like, you’ll understand my remark about your elliptic curves:


(N.b., that’s the same equation over the real numbers, and not over a finite field as the crypto actually works. https://en.bitcoin.it/wiki/Secp256k1  Nevertheless, it’s fun.)

What is your knowledge level of cryptography concepts?  E.g., could you explain in basic (non-mathematical) terms how the ciphersuites in PGP, TLS, etc. fit together?  Symmetric cipher, asymmetric cipher, hash function, etc.  Also, concepts such as the distinctions between integrity, confidentiality, and authentication.

I can teach you all these things, and much more.  I am looking for the starting point.

Now, how better do you learn?  In my lap, or on your knees with your head betwixt my legs?  I should mention, “in my lap” involves penetration.  Penetrating insights into your most private cipher.

P.S., if I can’t make you cum whilst instructing you on ciphersuites, then I will have failed as a teacher.

P.P.S., I do like helping others.  Do you want to take this show public with a “NSFW”-marked cryptography instruction thread in Off-Topic, or would you prefer to keep this between us?  Perhaps this could drive you business.

Now, how better do you learn?  In my lap, or on your knees with your head betwixt my legs?  I should mention, “in my lap” involves penetration.  Penetrating insights into your most private cipher.

The second one please  Roll Eyes

P.S., if I can’t make you cum whilst instructing you on ciphersuites, then I will have failed as a teacher.

Lmfao.

P.P.S., I do like helping others.  Do you want to take this show public with a “NSFW”-marked cryptography instruction thread in Off-Topic, or would you prefer to keep this between us?  Perhaps this could drive you business.

Let's do it; hopefully everyone can benefit from it

P.P.S., I do like helping others.  Do you want to take this show public with a “NSFW”-marked cryptography instruction thread in Off-Topic, or would you prefer to keep this between us?  Perhaps this could drive you business.

Let's do it; hopefully everyone can benefit from it

Do you mind if I copypaste from some of our PMs thus far, to get the thread rolling?  Privacy of private communication is sacred to me (excepting scammers, threats etc.)  Thus, I would not do so without express agreement.

Whereupon, I will start writing a didactic orgasm for you.

Perfectly fine by me, you have my enthusiastic permission to reveal all of our shared secrets

Welcome thus to Ciphersex 101.



N.b., this thread is self-moderated.  I will delete posts which are disrespectful of Alia and/or myself.  I will delete posts I simply dislike.  I will delete whatever I want to.  Keep it sexy, or don’t even try posting here.
18  Bitcoin / Development & Technical Discussion / Modulo Bias on: February 15, 2018, 07:11:56 PM
A few weeks ago, I promised this explanation to hatshepsut93; and I half-wrote it at the time.  I am making this its own topic, because that’s not the first time here I’ve seen people either ask about this, or make this mistake without even realizing it.  For those in a hurry, a code snippet is below.

Roll a six-sided die with output d between 1 and 6, inclusive.  Convert the results d to a 2-bit number b, using the equation b = (d - 1) % 4, where “%” denotes “modulo”.

Here is how all potential inputs map to all potential outputs:

Code:
Input d: 1 2 3 4
5 6

Output b: 0 1 2 3

As you can see, the output numbers 2 and 3 each have one way of being chosen; whereas the numbers 0 and 1 each have two ways of being chosen.  That is to say, 0 and 1 are twice as likely as 2 and 3.

This is “modulo bias”; and it must be avoided anytime you need to pick a uniformly distributed output number from a range which mismatches the range of inputs.

Now, consider the common use case of generating a random alphanumeric password.  Picking a password alphabet in ASCII order in the 62-character range of [0-9A-Za-z] using a random_octet % 62 (0x3e), we obtain:

Code:
'0' '1' '2' '3' '4' '5' '6' '7' '8' '9' 'A' 'B' 'C' ... 'x' 'y' 'z'
-------------------------------------------------------------------
00  01  01  03  04  05  06  07  08  09  0a  0b  0c  ... 3b  3c  3d  % 0x3e
3e  3f  40  41  42  43  44  45  46  47  48  49  4a  ... 79  7a  7b  % 0x3e
7c  7d  7e  7f  80  81  82  83  84  85  86  87  88  ... b7  b8  b9  % 0x3e
ba  bb  bc  bd  be  bf  c0  c1  c2  c3  c4  c5  c6  ... f5  f6  f7  % 0x3e
f8  f9  fa  fb  fc  fd  fe  ff  [!!! OOPS !!!]

Observe that the eight characters [0-7] can be picked 5 different ways, whereas the others [8-9A-Za-z] can only be picked 4 different ways!  As a result, each character in [0-7] will be picked 5/256 = 1.953125% of the time, whereas each of the others will be picked only 4/256 = 1.5625% of the time.  (The decimals given are exact.)  Although that doesn’t look like much, it is a relative difference of 8 characters being a whopping 25% more likely than the other 54 characters.  You do not want a password with those properties!

Please keep handy and adapt as needed the following algorithm for avoiding modulo bias, here presented as a C snippet which I here copy with minor modifications from from FreeBSD’s libc (it was copied from OpenBSD, and probably somewhere else before that).  The code comment (not written by me) explains how it works.  Over the course of years, it will save you many instances of shooting yourself in the foot:

Code:
#include <stdint.h>

/*
 * Add here a source of uniformly distributed,
 * cryptographically secure random unsigned 32-bit integers:
 */
uint32_t arc4random(void);

/* Begin (mostly) copied code: */

/*
 * Calculate a uniformly distributed random number less than upper_bound
 * avoiding "modulo bias".
 *
 * Uniformity is achieved by generating new random numbers until the one
 * returned is outside the range [0, 2**32 % upper_bound).  This
 * guarantees the selected random number will be inside
 * [2**32 % upper_bound, 2**32) which maps back to [0, upper_bound)
 * after reduction modulo upper_bound.
 */
uint32_t
arc4random_uniform(uint32_t upper_bound)
{
uint32_t r, min;

if (upper_bound < 2)
return 0;

/* 2**32 % x == (2**32 - x) % x */
min = -upper_bound % upper_bound;
/*
* This could theoretically loop forever but each retry has
* p > 0.5 (worst case, usually far better) of selecting a
* number inside the range we need, so it should rarely need
* to re-roll.
*/
for (;;) {
r = arc4random();
if (r >= min)
break;
}

return (r % upper_bound);
}


[This thread is self-moderated, based on experience; it is for on-topic technical discussion only.]
19  Economy / Reputation / Contract 2ca32f5 on: February 15, 2018, 04:47:38 AM
I have entered into a fully signed contract with a user on this forum.  The contract is dated 2018-02-14, and has the following SHA-256 hash:

2ca32f55ef88a9fe31f22b0abf5067b194fa67c60b3c335c3bb4ad73b4f3efab

I am creating this thread so as to have a convenient place to commit this hash in public.  I will promptly lock this thread and archive it; I will re-open it if/when results of the deal so warrant for any reason.

(Peter Todd would probably deem me lazy for not using real cryptographic timestamping; but for now, for this, this is “good enough”.)
20  Bitcoin / Development & Technical Discussion / segvan: Segwit vanity address & bulk address generator on: February 12, 2018, 06:05:03 PM
Note:  This is under active development, currently on an experimental branch offering 5x speedup.  I will post further updates when appropriate.



By popular demand:

Github: https://github.com/nym-zone/segvan

The code for this is reasonably solid, notwithstanding some inelegance in main() which will be refactored.  On FreeBSD, it’s been my dogfood for over six weeks; I have also built it and tried basic functionality on Linux.  But it needs error, warning, and usage messages—plus the manpage!

When there is significant news (such as major features or a Windows version), I will severely edit this post and bump the thread.

Two recent products (tips would be encouraging):


Those were done together, on one run with each key being searched for a Bech32 pattern and a nested “3” address pattern.  They took 500–600 CPU hours on an ultra-slow airgap laptop; for comparison, the same machine requires about 8 hours for a FreeBSD buildworld (!).  But I got lucky:  I hit a ^bc1qnullnym match after covering only about 25% of a 35-bit bruteforce search.  The other took a bit longer; but wasn’t so hard, because I permitted a potential extra digit: ^3[0-9]?segwit (case-insensitive matching).

Roadmap/TODO, in no particular order:

  • Add threading.  I always simply run one instance per core.  That doesn’t waste anything, because it is a probabilistic search:  There is no concept of “progress”, no need to keep instances synchronized in any way.  Threads would make it more convenient.  However, before I add a simple pthreads implementation, I want to investigate the impact on the next item.
  • Microsoft Windows version, likely via mingw.  This is in popular demand.  I can’t promise a binary on a platform I myself don’t even have in my house; but I will try to get a Windows binary made for folks who need it.
  • Change/adjust the output format.  The current output format is intended for piping to shell scripts, especially for bulk generation mode.  If you need to generate ten thousand address/key pairs and pipe those into a `while read` loop, then the current format is ideal.
  • Add warning/error/usage messages.  This started as an afternoon project for my own use.  The code is solid, despite some inelegance in main() which will also be refactored.  It’s solid, because I need it that way; however, unlike some of my other published software, this was not originally written with other people in mind.
  • Finish the manpage!
Pages: [1] 2 »
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!