XMR vs DRK

[Macno]

so what do you think guys. this thread will be a success if it managed to redirect some of the debate in our respective threads. is it a success? have you dark boys noticed a reduction in anti dark coin rhetoric in your thread since the creation of this thread? monero boys, have you noticed a reduction in anti monero rhetoric in your thread? just curious.

Well, as for the Dash thread, it kind of backfired. The smarter and more polite XMR supporters like smooth left and the trolls are still there, but they were kind of adopted as pet trolls now.
By the way: you had a "surprising" way to invite Dash "boys" to this thread with your opening statement including that picture.
As for me, the thread got me even more interested in XMR but I stil think Dash is fine.

[majamina]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

[toknormal]

I don't think people are realising what the real target is in terms of "compromise" here.

In Dash, you can't compromise a node just because you have access to a machine thats running it. It's the collateral address on the blockchain that needs to be compromised - otherwise the 'real' owner simply has to open their wallet, move the collateral and thats that attack neutralised forever. Moreover, masternodes are as decentralised as regular wallets - in fact they "are" regular wallets.

The only difference between the Dash network and a regular network is that the wallet daemon is dual mode - i.e. it has this "enhanced mode" that allows it to provide extended services to the rest of the network. But it's not a fixed target - it's a moving target because anyone can launch one anytime, point it at an appropriate collateral address and run that daemon in extended service (masternode) mode.

As far as "corrupting the network" goes, for an attacker with unlimited funds,  it's probably more optimal to just buy up gazilions of hashpower and perform a regular 51% on the blockchain rather than trying to take control of the masternode network. 2 reasons for that:

[1] - if they get "control" of a majority of masternodes, so what ? All they can do is provide a service ot the network

[2] - hashpower is unlimited - they can acquire hashpower in direct proportion to their budget. Acquiring a lot of masternodes is far harder because you need to get control of a majority of the money supply first

[dasource]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

[Johnny Mnemonic]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

It's absurd because you don't know how many MNs they need to compromise. You're assuming it's a lot, but it depends on what information they're trying to get and how much. Who says they need to unmask the entire network, when they can just pick off a few people here and there to send a message? The only identity they need to reveal is yours. Are you ready to take that risk?

Look, I'm not trying to troll you. I'm trying to say that a government agency with unlimited resources to bribe, seize, extort, or hack can achieve some very "unlikely" things... and if it did happen you wouldn't necessarily know about it. There wouldn't be an anouncement telling everyone that masternodes have been compromised.

In this regard I'm not implying Monero (or any other coin) is safe. XMR has some very elegant anon tech, but I still don't trust it against such an adversary. Maybe in the future with much higher mandatory mixins and i2p I'd feel more comfortable.

TLDR: No crypto is suitable for dark market trade yet. Not zerocash, not monero, and definitely not darkcoin. Don't bet your life on any such tech at this point.

[illodin]

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

Can you explain what is the data that they would snoop after hacking into a masternode?

[illodin]

If you're trying to protect your privacy from your neighbor, sure. Darksend is probably sufficient. However, If you're concerned about illegal activity or government level adversaries, no anon tech is ready for that (yet).

TLDR: "good enough" is never good enough when it comes to three-letter agencies. It's gotta be air tight.

I almost agree, except that I would also include illegal activities to the list of Darksend (and XMR) being sufficient to. Obviously I don't know, but I doubt your local police or even state police or IRS can just go to NSA and ask them to help out with their case concerning some drug dealer or tax evasion. Much less your neighbor, employer, or your insurance company.

If I wanted to do something safe from the NSA I don't even know where to begin. Wouldn't even want to touch a computer while doing it that's for sure.

[smooth]

If you're trying to protect your privacy from your neighbor, sure. Darksend is probably sufficient. However, If you're concerned about illegal activity or government level adversaries, no anon tech is ready for that (yet).

TLDR: "good enough" is never good enough when it comes to three-letter agencies. It's gotta be air tight.

I almost agree, except that I would also include illegal activities to the list of Darksend (and XMR) being sufficient to. Obviously I don't know, but I doubt your local police or even state police or IRS can just go to NSA and ask them to help out with their case concerning some drug dealer or tax evasion. Much less your neighbor, employer, or your insurance company.

There's no way to know what the hell is going on. We get tiny glimpses is all, often inaccurate or incomplete, possibly misleading information that was deliberately leaked for reasons that are hard to fathom. The iceberg principle applies, strongly.

http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/05/the-nsa-is-giving-your-phone-records-to-the-dea-and-the-dea-is-covering-it-up/

[majamina]

I don't think people are realising what the real target is in terms of "compromise" here.

In Dash, you can't compromise a node just because you have access to a machine thats running it. It's the collateral address on the blockchain that needs to be compromised - otherwise the 'real' owner simply has to open their wallet, move the collateral and thats that attack neutralised forever. Moreover, masternodes are as decentralised as regular wallets - in fact they "are" regular wallets.

The only difference between the Dash network and a regular network is that the wallet daemon is dual mode - i.e. it has this "enhanced mode" that allows it to provide extended services to the rest of the network. But it's not a fixed target - it's a moving target because anyone can launch one anytime, point it at an appropriate collateral address and run that daemon in extended service (masternode) mode.

As far as "corrupting the network" goes, for an attacker with unlimited funds,  it's probably more optimal to just buy up gazilions of hashpower and perform a regular 51% on the blockchain rather than trying to take control of the masternode network. 2 reasons for that:

[1] - if they get "control" of a majority of masternodes, so what ? All they can do is provide a service ot the network

[2] - hashpower is unlimited - they can acquire hashpower in direct proportion to their budget. Acquiring a lot of masternodes is far harder because you need to get control of a majority of the money supply first

tok, the argument they are making is that if you surreptitiously control enough MNs you can spy on what the nodes are doing and trace DS transactions.....it's nothing to do with controlling the money supply, just plain old hacking / compromising servers.

[majamina]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

so you think the NSA can persuade hosting companies in Netherlands, China, Khazekstan, Bulgaria, Russia etc to give up access rights / data?

you think the russian agencies can persuade US & canadian agencies to give up theirs?

see my point?

[BlockaFett]

I would urge DRK people not to get involved in the debate here.  The idea is to try to legitamise XMR as a contender to DRK by giving the pumpers on Poloniex text they can link to to show how 'xmr is the next dash!!! when XMR takes over LTC...!'.  Any argument you make will just get drowned out by one of the 5 Monero devs trolling here and you will never get a straight answer as they just repeat the same accusations whatever you say and avoid backing anything up.

check the market situation and how no one on big exchange like Bittrex or BTER will touch XMR and hence why the big exchanges never added it even after 1 year...no Poloniex pumping and XMR market cap will go < $100k like all the other cryptonote hack jobs...

[dasource]

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

Can you explain what is the data that they would snoop after hacking into a masternode?

Pretty much anything in/out of that VPS ... so IPs connecting on the drkcoin p2p network, DS transactions, ssh logins, grab the wallet.dat file and pull all the address this MN has used for DS transactions etc etc etc ... now if you have access to lots of MN with this data you could start to slowly piece things together.

[smooth]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

so you think the NSA can persuade hosting companies in Netherlands, China, Khazekstan, Bulgaria, Russia etc to give up access rights / data?

you think the russian agencies can persuade US & canadian agencies to give up theirs?

see my point?

Maybe not directly. But the hosting companies my be compromised (you know google was/is right?), or there may be third party channels, like the NSA has a cooperation deal with Armenia which has a deal with Bulgaria. Or the NSA trades some intel on Uyghurs to the Chinese government in exchange for cooperation with something in a data center in China the Chinese government doesn't much like anyway. The possibilities are endless.

[majamina]

I would urge DRK people not to get involved in the debate here.  The idea is to try to legitamise XMR as a contender to DRK by giving the pumpers on Poloniex text they can link to to show how 'xmr is the next dash!!! when XMR takes over LTC...!'.  Any argument you make will just get drowned out by one of the 5 Monero devs trolling here and you will never get a straight answer as they just repeat the same accusations whatever you say and avoid backing anything up.

I dunno, I think the debate has been quite reasonable and I'm enjoying it.

Nothing the XMR guys have said so far convinces me that DRK is not fit-for-purpose, so I'm keeping my masternodes for now and watching the market with interest.

[Johnny Mnemonic]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

so you think the NSA can persuade hosting companies in Netherlands, China, Khazekstan, Bulgaria, Russia etc to give up access rights / data?

you think the russian agencies can persuade US & canadian agencies to give up theirs?

see my point?

How do you know they can't glean enough data just from domestic servers? Can you specify which masternodes to use while mixing?

[equipoise]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

so you think the NSA can persuade hosting companies in Netherlands, China, Khazekstan, Bulgaria, Russia etc to give up access rights / data?

you think the russian agencies can persuade US & canadian agencies to give up theirs?

see my point?

Talking about Bulgaria - they definitely could and in Bulgaria about 75% of the ISP providers will silently and gladly cooperate. They don't even need to do that - they could get to the terminal where all those are centralized and skip the ISP providers and mobile operators. Again the Bulgarian government will most probably gladly cooperate. Hey, they don't even need to do that - there is a FinSpy server in Bulgaria: https://bivol.bg/en/finspy-bulgaria-mtitc-english.html

[smooth]

If I wanted to do something safe from the NSA I don't even know where to begin. Wouldn't even want to touch a computer while doing it that's for sure.

Agree on that point. Maybe the DRK advocates who are claiming otherwise can take some good advice from two people on opposite sides of the coin battle and stay safe on this one. If you are trying to hide something from the NSA (or their allies) the answer to the question of "XMR vs DRK" is neither.

[majamina]

Maybe not directly. But the hosting companies my be compromised (you know google was/is right?), or there may be third party channels, like the NSA has a cooperation deal with Armenia which has a deal with Bulgaria. Or the NSA trades some intel on Uyghurs to the Chinese government in exchange for cooperation with something in a data center in China the Chinese government doesn't much like anyway. The possibilities are endless.

sure, but there are lots of hosting companies in play, plus plenty of people not using hosting companies.....masternodes are running on raspberry pi for instance.

regardless, to compromise the MN network in the way you describe would require a massive international conspiracy between all governments where masternodes are hosted...sounds ridiculous to me.

[majamina]

Last year the Monero network was hit by one of the most sophisticated attacks ever seen in crypto (at least according to TacoTime). The idea that an NSA-level adversary could not silently compromise masternodes or defeat darksend through statistical analysis is just absurd.

Well let's hear why it's absurd, given they need to compromise 2,000+ nodes across 30+ international borders? Again I'm not being disingenuous, I'd like to know...

30+ borders? that is taking it out of context.
Who needs to compromise borders when you can just issue notices to hosting companies? have you ever worked with agencies? I have and they have must easier ways to get access to data from hosting providers than the average joe knows.

They can snoop on your data all day long and you will never know about it... the downside of virtualisation!

so you think the NSA can persuade hosting companies in Netherlands, China, Khazekstan, Bulgaria, Russia etc to give up access rights / data?

you think the russian agencies can persuade US & canadian agencies to give up theirs?

see my point?

How do you know they can't glean enough data just from domestic servers? Can you specify which masternodes to use when you transact?

masternodes are selected randomly - there is no way to predict where the transactions will take place, and with masternode blinding the masternodes themselves can't see which other masternodes are participating.

[majamina]

If I wanted to do something safe from the NSA I don't even know where to begin. Wouldn't even want to touch a computer while doing it that's for sure.

Agree on that point. Maybe the DRK advocates who are claiming otherwise can take some good advice from two people on opposite sides of the coin battle and stay safe on this one. If you are trying to hide something from the NSA (or their allies) the answer to the question of "XMR vs DRK" is neither.

quite possibly, which renders obsolete all the argument in here about global TLA/governemnt conspiracies to compromise the MN network.

So, DASH is fit-for-purpose as an enhanced Bitcoin clone with decent privacy features, instant transactions and other cool stuff in the pipleine