Bitcoin Forum
April 24, 2019, 05:10:36 PM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 [826] 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 ... 2035 »
  Print  
Author Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency  (Read 4554480 times)
bigj
Full Member
***
Offline Offline

Activity: 198
Merit: 100



View Profile
October 30, 2014, 08:41:11 AM
 #16501

Another thought: Would it be possible to implement side chains with Monero technology?
It is possible to extend Monero to include the facilities necessary for side chains.

And the big difference with Bitcoin is that Monero is anonymous by default.


Smiley

Maybe a stupid question, but: Could side chains be used to mitigate scaling issues with a bloating block chain?
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1556125836
Hero Member
*
Offline Offline

Posts: 1556125836

View Profile Personal Message (Offline)

Ignore
1556125836
Reply with quote  #2

1556125836
Report to moderator
smooth
Legendary
*
Offline Offline

Activity: 2100
Merit: 1078



View Profile
October 30, 2014, 08:46:06 AM
 #16502

Another thought: Would it be possible to implement side chains with Monero technology?
It is possible to extend Monero to include the facilities necessary for side chains.

And the big difference with Bitcoin is that Monero is anonymous by default.


Smiley

Maybe a stupid question, but: Could side chains be used to mitigate scaling issues with a bloating block chain?

Not a stupid question. It is possible and it is something we've discussed. There are a number of ways this could work, but here is one to think about: You could have multiple side chains just like the original except each with only a fraction of the transactions. In fact it is possible to imagine an almost arbitrary number of these. Some complications arise, but nothing that seems totally infeasible.

Interesting, huh?

florida.haunted
Full Member
***
Offline Offline

Activity: 228
Merit: 125


View Profile
October 30, 2014, 08:47:50 AM
 #16503

Hello, and welcome to our sixteenth Monero Monday Missive!

Major Updates

1. We have made major strides in the initial database implementation (you'll recall from our last Missive that our first implementation will use LMDB), and it is very nearly ready for broader testing. Specifically: the new blockchain is working for most things, but there are bugs with certain aspects of block verification that need to be fixed before it can be more widely tested. If you are particularly intrepid you can already grab it here: https://github.com/tewinget/bitmonero/tree/blockchain and compile it, and thus assist in identifying areas where it breaks down, although such reports are probably best submitted as github issues to tewinget's repository to reduce duplication. Once these and any other major issues have been weeded out the next steps would involve a bit of refactoring, fix cross-platform nigglies, and open it up for general testing.

...SKIPPED...

PS. this Missive has the very great honour of being the first one to be finalised and very nearly posted from the airWink

- updated by fluffypony

May be late, but I give thanks to Monero devs that they keep new weekly schedule of Monero missive intact. I consider word 'missive' as your 'mission', dear devs! Smiley

Sorry I have no time right now to comment the Missive in depth. But I am very optimistic about ongoing progress and about you devs have selected LMDB to be the first Monero's underlying database.

Keep your progress! I am with you by soul!

P.S. Very nice photo from air, fluffypony! Wink
bigj
Full Member
***
Offline Offline

Activity: 198
Merit: 100



View Profile
October 30, 2014, 09:02:07 AM
Last edit: October 30, 2014, 10:41:54 PM by bigj
 #16504

Another thought: Would it be possible to implement side chains with Monero technology?
It is possible to extend Monero to include the facilities necessary for side chains.

And the big difference with Bitcoin is that Monero is anonymous by default.


Smiley

Maybe a stupid question, but: Could side chains be used to mitigate scaling issues with a bloating block chain?

Not a stupid question. It is possible and it is something we've discussed. There are a number of ways this could work, but here is one to think about: You could have multiple side chains just like the original except each with only a fraction of the transactions. In fact it is possible to imagine an almost arbitrary number of these. Some complications arise, but nothing that seems totally infeasible.

Interesting, huh?


Yes, that sounds extremely important for mass adaption!

With side chains you could create temporary sub chains to store (millions of) transactions without bloating the main chain. Imagine you are a credit card company, you could create a side chain for your business operations on a monthly basis. At the beginning of the month, you create a sub chain, run your (mass) business on that one, and at the end of the month, you simply merge it (its current state) back into the main chain to start all over with the same procedure the next month.

For Monero, that would be a 'HELLO WORLD' event.


ADD: https://coinreport.net/tree-chains-vs-side-chains-controversy-explained

ADD2: Regarding treechains, distributed (over the internet) hash tables might be useful as well...

babama
Member
**
Offline Offline

Activity: 76
Merit: 10


View Profile
October 30, 2014, 09:03:01 AM
 #16505

always test things out with small amounts until you get the hang of it.

 i am waiting for new wallet

翻墙利器----
BitNet(VPNCOIN)第二论赠币: Va8AWp6YNJTkPkev18RvFSr2CVPRq5rzYC
Eastwind
Hero Member
*****
Offline Offline

Activity: 896
Merit: 1000



View Profile
October 30, 2014, 09:18:18 AM
 #16506

Nothing (I'll type it again: NOTHING) is anonymous if it happens online. There are allegedly anonymous solutions like Tor or secure VPNs, but if somebody wants to find you (provided he has the resources) he will do so. A word for XMR. Do not post your addresses online, for this is the only address you have. I've seen many people doing so; dood if you don't mind revealing your address, what's the point of using XMR anyway?

This is small misunderstanding. Monero addresses are safe to post online, list in a public directory etc. They don't appear on the blockchain, and the only thing you can do with an address is send coins to it. You can't identify transactions that were sent to the address.

Of course, nothing is ever quite 100%, it is possible there may be bugs or flaws. However, that is the intent of the design.


If you buy your XMR on a centralized exchange, though, and the exchange keeps records of your withdrawals to that address, it could be linked back to your personal information if the exchange's records are ever disclosed.

Even though somebody else knows that you own that address, they cannot see what is inside that address. You can send money from that address to another address. That would make it unlinkable.
smooth
Legendary
*
Offline Offline

Activity: 2100
Merit: 1078



View Profile
October 30, 2014, 12:00:35 PM
 #16507

Nothing (I'll type it again: NOTHING) is anonymous if it happens online. There are allegedly anonymous solutions like Tor or secure VPNs, but if somebody wants to find you (provided he has the resources) he will do so. A word for XMR. Do not post your addresses online, for this is the only address you have. I've seen many people doing so; dood if you don't mind revealing your address, what's the point of using XMR anyway?

This is small misunderstanding. Monero addresses are safe to post online, list in a public directory etc. They don't appear on the blockchain, and the only thing you can do with an address is send coins to it. You can't identify transactions that were sent to the address.

Of course, nothing is ever quite 100%, it is possible there may be bugs or flaws. However, that is the intent of the design.


If you buy your XMR on a centralized exchange, though, and the exchange keeps records of your withdrawals to that address, it could be linked back to your personal information if the exchange's records are ever disclosed.

Even though somebody else knows that you own that address, they cannot see what is inside that address. You can send money from that address to another address. That would make it unlinkable.

Yes that is correct. I think what he meant was something like: If you have your public address on your web site (along with your name) and use that same address for an (otherwise anonymous) exchange, then the exchange account can then be linked to you, not through the blockchain, but through the exchange's own records of your address matching the address on your website.
Nyterax
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile WWW
October 30, 2014, 01:27:24 PM
 #16508

Nothing (I'll type it again: NOTHING) is anonymous if it happens online. There are allegedly anonymous solutions like Tor or secure VPNs, but if somebody wants to find you (provided he has the resources) he will do so. A word for XMR. Do not post your addresses online, for this is the only address you have. I've seen many people doing so; dood if you don't mind revealing your address, what's the point of using XMR anyway?

This is small misunderstanding. Monero addresses are safe to post online, list in a public directory etc. They don't appear on the blockchain, and the only thing you can do with an address is send coins to it. You can't identify transactions that were sent to the address.

Of course, nothing is ever quite 100%, it is possible there may be bugs or flaws. However, that is the intent of the design.


If you buy your XMR on a centralized exchange, though, and the exchange keeps records of your withdrawals to that address, it could be linked back to your personal information if the exchange's records are ever disclosed.

Even though somebody else knows that you own that address, they cannot see what is inside that address. You can send money from that address to another address. That would make it unlinkable.

Yes that is correct. I think what he meant was something like: If you have your public address on your web site (along with your name) and use that same address for an (otherwise anonymous) exchange, then the exchange account can then be linked to you, not through the blockchain, but through the exchange's own records of your address matching the address on your website.

Then that's not the protocol's fault but that of the laziness of the user

@Nyterax
BTC: 1McgGk69g82epdnxAdDQfMSXtUygZfL4vZ
dnaleor
Legendary
*
Offline Offline

Activity: 1442
Merit: 1000


Want privacy? Use Monero!


View Profile
October 30, 2014, 02:02:15 PM
 #16509

Does anyone here think monero could explode 100 times, during the next bitcoin bubble?


That depends on the bubble. For now, monero seems to be for the geeks only. I don't see the average user install it manually and operating it from a command line. That does not stop the public from trading it, of course.

Before the next btc bubble Monero will be usable by my fellow drooling masses.

Is btc going to explode 100x?  lol Grin  This May I heard btc was going to be 5k in July.

I've given up dreams of being rich.  My dinner tonight is a peanut butter and jam sandwich.  Though it will contain fine French raspberry jam. Smiley

personally, I think BTC x100 is less likely than XMR x100, but that is just me speculating off course Wink

Searching for a trusted escrow service? Check my trust. I use a Trezor device for my escrow services, so your coins are safe. Fee: 0.5% or 0.05 BTC, whichever is lower
I support the largest public transparent p2p ledger Bitcoin (16TwXyEmpz7xKHbyVufZECXGFmUH9wHUyW) and the best private fungible digital cash Monero (dnaleor.weuse.cash)
Cetere mi opinias ke Dasho estas detruenda.     |     1Credit - Fair emission, better than BTC > CLCqECaYpCahgKRsXJiVBzgsiz57ZHfr4u
NeuroticFish
Legendary
*
Offline Offline

Activity: 1834
Merit: 1190


There are no mistakes. Only opportunities wasted.


View Profile
October 30, 2014, 02:08:20 PM
 #16510

personally, I think BTC x100 is less likely than XMR x100, but that is just me speculating off course Wink

Yep, that's a very good point. However, if BTC continues the current trend, XMR x100 will mean "only" 75x profit... :-/





On another note, did I miss a missive, or it didn't come at all? (Shouldn't they be every week?)

dEBRUYNE
Legendary
*
Offline Offline

Activity: 1736
Merit: 1099


View Profile
October 30, 2014, 02:21:54 PM
 #16511

personally, I think BTC x100 is less likely than XMR x100, but that is just me speculating off course Wink

Yep, that's a very good point. However, if BTC continues the current trend, XMR x100 will mean "only" 75x profit... :-/





On another note, did I miss a missive, or it didn't come at all? (Shouldn't they be every week?)

It was delayed for a day, because fluffypony was traveling.

Original post is here

Monero Monday Missives

October 27th, 2014

Hello, and welcome to our sixteenth Monero Monday Missive!

Major Updates

1. We have made major strides in the initial database implementation (you'll recall from our last Missive that our first implementation will use LMDB), and it is very nearly ready for broader testing. Specifically: the new blockchain is working for most things, but there are bugs with certain aspects of block verification that need to be fixed before it can be more widely tested. If you are particularly intrepid you can already grab it here: https://github.com/tewinget/bitmonero/tree/blockchain and compile it, and thus assist in identifying areas where it breaks down, although such reports are probably best submitted as github issues to tewinget's repository to reduce duplication. Once these and any other major issues have been weeded out the next steps would involve a bit of refactoring, fix cross-platform nigglies, and open it up for general testing.

2. The testing of per-kb fees on testnet, too, has gone exceedingly well. We will be adding the functionality to simplewallet (previously it required manual creation) and hope to deploy that for general testing within the next week.

3. Kitware staff, Ben Boeckel in particular, have spent a lot of time completely reworking our CMake build system and bringing it up to best practices. The fruits of those efforts can be seen on the Pull Request currently undergoing testing: https://github.com/monero-project/bitmonero/pull/180 (feel free to checkout this PR if you'd like to test). Now that the build system is starting to come together in its final form, we are hoping to use it to tag and release 0.8.8.5 during the course of next week.

4. In order to more efficiently deal with changes in the on-disk wallet format we are moving away from the old serialised+encrypted .keys format, and have a new format which is effectively encrypted JSON. This change allows us to note the wordlist language in the wallet format (so that the "seed" command can reflect that choice) and allows for cross-platform compatibility of the .keys file, which we are sure is excellent news for anyone that moves wallets between operating systems and architectures. You can test this in PR 179.

5. There have been a constant string of improvements and changes to the forum software to make it more usable and useful. In particular, new comments in a thread are highlighted within that thread. Additionally, unread threads (or threads with new unread comments) are highlighted by having a green dot next to them. Both of these apply to logged in users only. If you haven't visited the forum, you are encouraged to do so: https://forum.monero.cc

Dev Diary

Core: LMDB implementation is rough but nearly working (details above). Worth testing cross-platform, least of all from a build perspective.

Core: since we have already had to perform the rather annoyingly complex task of offloading MoneroPulse checkpoint checks to a separate thread (so as not to tie anything up during checks) we have begun extending this to other parts of the core that could potentially be or currently are pain points. This does not include the flat-file blockchain saving, as that is going to be deprecated with the move to LMDB, so pools will just need to hang on and deal with that nuisance for a little bit longer.

Build: CMake is looking a lot cleaner and easier to grok. It also fixes cross-compile (see: http://www.cmake.org/Wiki/CMake_Cross_Compiling) which means that binaries for all our major supported platforms can be built on a single system.

Account: multilang wordlists are now inherent to the wallet/account, so that RPC and CLI calls that retrieve the mnemonic do so in the correct format. This has, in turn, necessitated moving away from the horrible serialised data format for account data. Since epee's JSON library is beyond redemption, we have opted to use RapidJSON instead (which is headers-only and thus straight in the source tree).

Until next week!

PS. this Missive has the very great honour of being the first one to be finalised and very nearly posted from the airWink

- updated by fluffypony

Privacy matters, use Monero - A true untraceable cryptocurrency
Why Monero matters? http://weuse.cash/2016/03/05/bitcoiners-hedge-your-position/
mmortal03
Legendary
*
Offline Offline

Activity: 1750
Merit: 1005


View Profile
October 30, 2014, 02:44:22 PM
 #16512


Even though somebody else knows that you own that address, they cannot see what is inside that address. You can send money from that address to another address. That would make it unlinkable.

Yes that is correct. I think what he meant was something like: If you have your public address on your web site (along with your name) and use that same address for an (otherwise anonymous) exchange, then the exchange account can then be linked to you, not through the blockchain, but through the exchange's own records of your address matching the address on your website.

Then that's not the protocol's fault but that of the laziness of the user

I'm for making software where even the laziest user benefits. This issue may ultimately become a matter of semantics, of course; I don't know the full design trajectory of Monero. All I'm saying is that this component of the reasoning that we have against people reusing addresses in cryptocurrencies still pertains to Monero. While Monero doesn't have the primary issue to avoid, that is, where people are able to check someone's balance and transaction history at any publicly disclosed address, Monero still runs into the problem of someone's identifiable information contained in third party databases being cross referenced, whenever or wherever it is that they've reused their Monero address.

Therefore, it seems that there is still an important usage case for having the software make effortless the management of multiple Monero addresses (or accounts, if you prefer). While Monero seems to get rid of the need to generate and manage a new address for every single transaction, there is still a need to generate and manage new addresses for each privacy case where external cross-referencing might be plausible.

I don't doubt that there are smarter people who have already thought through all of this, but it does seem to be a usage case that hasn't been fully fleshed out from a practical standpoint in the software (and please correct me if I'm wrong). It seems to currently be a clumsy situation to manage multiple Monero accounts. Each requires its own instance of the wallet software to be running, and each requires its own backup mnemonic. All I'm interested in here is achieving the maximum security that we can in the least tedious way possible for users.
NeuroticFish
Legendary
*
Offline Offline

Activity: 1834
Merit: 1190


There are no mistakes. Only opportunities wasted.


View Profile
October 30, 2014, 03:02:22 PM
 #16513

Monero Monday Missives

October 27th, 2014

Thank you very much.


I'm for making software where even the laziest user benefits. [...]

Therefore, it seems that there is still an important usage case for having the software make effortless the management of multiple Monero addresses (or accounts, if you prefer). While Monero seems to get rid of the need to generate and manage a new address for every single transaction, there is still a need to generate and manage new addresses for each privacy case where external cross-referencing might be plausible.

I don't doubt that there are smarter people who have already thought through all of this, but it does seem to be a usage case that hasn't been fully fleshed out from a practical standpoint in the software (and please correct me if I'm wrong). It seems to currently be a clumsy situation to manage multiple Monero accounts. Each requires its own instance of the wallet software to be running, and each requires its own backup mnemonic. All I'm interested in here is achieving the maximum security that we can in the least tedious way possible for users.

For the security issue, I'd say that even if he doesn't change the address, the lazy user has not much to lose. And creating a new wallet now and then is not a hard task.

But managing multiple wallets in one software is a good point and I wish to see the day we will have a wallet software that behaves (at least) like MultiBit or MultiDoge, with all wallets in one program.
(Maybe this goes also as an idea for the guys that worked/work on the current GUI wallets)


macsga
Legendary
*
Offline Offline

Activity: 1484
Merit: 1002


Strange, yet attractive.


View Profile
October 30, 2014, 05:21:59 PM
 #16514

Nothing (I'll type it again: NOTHING) is anonymous if it happens online. There are allegedly anonymous solutions like Tor or secure VPNs, but if somebody wants to find you (provided he has the resources) he will do so. A word for XMR. Do not post your addresses online, for this is the only address you have. I've seen many people doing so; dood if you don't mind revealing your address, what's the point of using XMR anyway?

This is small misunderstanding. Monero addresses are safe to post online, list in a public directory etc. They don't appear on the blockchain, and the only thing you can do with an address is send coins to it. You can't identify transactions that were sent to the address.

Of course, nothing is ever quite 100%, it is possible there may be bugs or flaws. However, that is the intent of the design.


If you buy your XMR on a centralized exchange, though, and the exchange keeps records of your withdrawals to that address, it could be linked back to your personal information if the exchange's records are ever disclosed.

Even though somebody else knows that you own that address, they cannot see what is inside that address. You can send money from that address to another address. That would make it unlinkable.

Yes that is correct. I think what he meant was something like: If you have your public address on your web site (along with your name) and use that same address for an (otherwise anonymous) exchange, then the exchange account can then be linked to you, not through the blockchain, but through the exchange's own records of your address matching the address on your website.

Then that's not the protocol's fault but that of the laziness of the user

All the above comments are correct. What I was talking about was about the ability of one specific authority to link your IP with your XMR address. Many people out there (including me for a rather long time) were using their exchange addresses for donations and/or transactions. Like you said, this is a fatal error. Sorry if I was misunderstood.

Chaos could be a form of intelligence we cannot yet understand its complexity.
BanditryAndLoot
Member
**
Offline Offline

Activity: 70
Merit: 10

Activity: 350


View Profile
October 30, 2014, 05:32:53 PM
Last edit: October 30, 2014, 05:48:22 PM by BanditryAndLoot
 #16515

All the above comments are correct. What I was talking about was about the ability of one specific authority to link your IP with your XMR address. Many people out there (including me for a rather long time) were using their exchange addresses for donations and/or transactions. Like you said, this is a fatal error. Sorry if I was misunderstood.

I agree with you, exchanges will have data that is linked to both your ip address and your account on their website. Apart from using email addresses that are not tied to you, and even possibly accessing the exchange from a vpn/tor service (or spoofed mac addressing), the incoming and outgoing transactions on the Monero blockchain will be tougher to link, in the future, with an ip address.

The ongoing work on the i2pd development, and (assumed?) future integration into the Monero client will make ip addresses unlinkable with addresses in the wallet, even though that would be very tough to do anyways even without i2p.

So, worst case is that the exchange can be asked to provide only proof of an account you managed to authorities, and not necessarily be able to provide proof that you owned the money in the account. I believe that will give an edge, if nothing else.

So your choice to claim ownership or not, is still largely in your own hands. Your choice to obscure your identity from involvement with Monero at all, that's a tougher issue that will require all parties involved to secure (Yourself, the monero client, and the exchange in this example). Fortunately, 2 out of 3 is mostly enough to obscure yourself quite effectively.

ADD:

Of course, if you were to purchase XMR on the exchange with an altcoin or bitcoin that you purchased with fiat money/something else, and never withdraw it from the exchange to your own wallet, then of course your movements can be identified, provided you use the same email address/ip addresses across accounts. This will also be addressed, as the tools of mass adoption are refined to the point where an average user feels comfortable and is capable of running the wallet software on their computer.

Perhaps large purchases might best be done by renting or purchasing mining equipment, as that can already be done through a vpn/tor service IIRC?

And it's only at the end of fall, that we discover it was naught but the wind that knew when one particular leaf was to fall from one particular tree, only to land in one distinct spot .. to be left for an eternity, and waste its time in a wait sublime. C0A2A1C4
macsga
Legendary
*
Offline Offline

Activity: 1484
Merit: 1002


Strange, yet attractive.


View Profile
October 30, 2014, 05:47:34 PM
 #16516

All the above comments are correct. What I was talking about was about the ability of one specific authority to link your IP with your XMR address. Many people out there (including me for a rather long time) were using their exchange addresses for donations and/or transactions. Like you said, this is a fatal error. Sorry if I was misunderstood.

I agree with you, exchanges will have data that is linked to both your ip address and your account on their website. Apart from using email addresses that are not tied to you, and even possibly accessing the exchange from a vpn/tor service, the incoming and receiving transactions on the Monero blockchain will be tougher to link, in the future, with an ip address.

The ongoing work on the i2pd development, and (assumed?) future integration into the Monero client will make ip addresses unlinkable with addresses in the wallet, even though that would be very tough to do anyways even without i2p.

So, worst case is that the exchange can be asked to provide only proof of an account you managed to authorities, and not necessarily be able to provide proof that you owned the money in the account. I believe that will give an edge, if nothing else.

So your choice to claim ownership or not, is still largely in your own hands.

ADD:

Of course, if you were to purchase XMR on the exchange with an altcoin or bitcoin that you purchased with fiat money/something else, and never withdraw it from the exchange to your own wallet, then of course your movements can be identified. This will also be addressed, as the tools of mass adoption are refined to the point where an average user feels comfortable and is capable of running the wallet software on their computer.

Perhaps large purchases might best be done by renting or purchasing mining equipment, as that can already be done through a vpn/tor service IIRC?

a. This is an extraordinary prospect; thanks for bringing it up. I do have a question though... Could the ISP of yours (provided they're aware) pinpoint your XMR transaction in some way? (ie: by sniffing header i2pd packages?)

b. This is the way I bought the majority of the stash of mine. I mine a little right now with a small office farm. Are you referring to the possibility of renting a botnet just for the mining purposes? Hmm... Depends who's door you're going to knock. Wink

Addition for your consideration (rather old article but describes what I had in mind):
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

Chaos could be a form of intelligence we cannot yet understand its complexity.
BanditryAndLoot
Member
**
Offline Offline

Activity: 70
Merit: 10

Activity: 350


View Profile
October 30, 2014, 06:05:04 PM
Last edit: October 30, 2014, 07:51:20 PM by BanditryAndLoot
 #16517

a. This is an extraordinary prospect; thanks for bringing it up. I do have a question though... Could the ISP of yours (provided they're aware) pinpoint your XMR transaction in some way? (ie: by sniffing header i2pd packages?)

Big data analysis is a big business. Currently, most of it revolves around creating scoring programs to capture targeted data, even if that data is encrypted in your TLS/SSL protocol using RSA, ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA, it's still collected and stored based on a multitude of scoring systems, for possible 'pinpointing' later. This means that one of the major movements we're seeing is a literal countdown, equivalent to the ball dropping on new years, of valid quantum computers being developed. After that, someone would have to develop a quantum algorithm for specifically breaking each one of those in the protocol, which also involves working this out mathematically before a valid implementation can even be attempted on the computer. That's just internet traffic, which likely has multitudes of levels of more juicy information in it than a Monero transaction right now.

I believe the way i2p would work with Monero, is that they would still possibly be able to pinpoint 'an' i2p package (not being able to identify what's in it, however), possibly from your ip address (which you can also obscure through a VPN). Anyways, that package would have a very tough time being tracked back to your ip address (someone else will be better able to explain i2p to you than me), but you should be able to use other things like mac address spoofing to give yourself even more unlinkability.

Long story short .. it would be a lot of work, and Bitcoin and likely every other Altcoin, along with just about every internet protocol in use, as well as most encryption standards in use today, would all likely be broken long before someone picks your individual transaction from your individual address (let alone even scored high enough to capture the data - blockchains are a little different though) from the blockchain, and links it to another of your individual transactions, and same address, as the encryption used to prevent double spending on these blockchains is not yet secure against quantum algorithms.

If that's not a lot of security in 2014, I really don't know what else to try for here Cheesy

As for a quick answer to your question: Yes, but the timeframe in which they are capable of identifying exactly everything, is likely outside of a decade. Possibly even lifetime, but who knows! Even then, it still has to be economically feasible, so they likely aren't looking for Johnny buying weed. There's still a long way to go, provided everyone takes the right steps.

b. This is the way I bought the majority of the stash of mine. I mine a little right now with a small office farm. Are you referring to the possibility of renting a botnet just for the mining purposes? Hmm... Depends who's door you're going to knock. Wink

I'd advocate for an investment of your own mining equipment, before ever contacting a botnet operator and buying from them directly, but it's your choice. Fortunately, they would also likely be privacy-minded as well, so at least there's that in common.

And it's only at the end of fall, that we discover it was naught but the wind that knew when one particular leaf was to fall from one particular tree, only to land in one distinct spot .. to be left for an eternity, and waste its time in a wait sublime. C0A2A1C4
macsga
Legendary
*
Offline Offline

Activity: 1484
Merit: 1002


Strange, yet attractive.


View Profile
October 30, 2014, 06:11:29 PM
 #16518

a. This is an extraordinary prospect; thanks for bringing it up. I do have a question though... Could the ISP of yours (provided they're aware) pinpoint your XMR transaction in some way? (ie: by sniffing header i2pd packages?)

Big data analysis is a big business. Currently, most of it revolves around creating scoring programs to capture targeted data, even if that data is encrypted in your TLS/SSL protocol using RSA, ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA, it's still collected and stored based on a multitude of scoring systems, for possible 'pinpointing' later. This means that one of the major movements we're seeing is a literal countdown, equivalent to the ball dropping on new years, of valid quantum computers being developed. After that, someone would have to develop a quantum algorithm for specifically breaking each one of those in the protocol. That's just internet traffic, which likely has multitudes of levels of more juicy information in it than a Monero transaction right now.

I believe the way i2p would work with Monero, is that they would still be able to pinpoint 'an' i2p package, possibly from your ip address (which you can also obscure through a VPN). Anyways, that package would have a very tough time being tracked back to your ip address (someone else will be better able to explain i2p to you than me), but you should be able to use other things like mac address spoofing to give yourself even more unlinkability.

Long story short .. it would be a lot of work, and Bitcoin and likely every other Altcoin, along with just about every internet protocol in use, as well as most encryption standards in use today, would all likely be broken long before someone picks your individual transaction from your individual address (let alone even scored high enough to capture the data - blockchains are a little different though), and links it to another of your individual transactions, and same address, as the encryption used to prevent double spending on these blockchains is not yet secure against quantum algorithms.

If that's not a lot of security in 2014, I really don't know what else to try for here Cheesy

As for a quick answer to your question: Yes, but the timeframe in which they are capable of identifying exactly everything, is likely outside of a decade. Possibly even lifetime, but who knows! Even then, it still has to be economically feasible, so they likely aren't looking for Johnny buying weed. There's still a long way to go, provided everyone takes the right steps.

b. This is the way I bought the majority of the stash of mine. I mine a little right now with a small office farm. Are you referring to the possibility of renting a botnet just for the mining purposes? Hmm... Depends who's door you're going to knock. Wink

I'd advocate for an investment of your own mining equipment, before ever contacting a botnet operator and buying from them directly, but it's your choice. Fortunately, they would also likely be privacy-minded as well, so at least there's that in common.

Part of what I do for living is dealing with security systems. I assure you there's none without a flaw; (correction:except it's offline) at least one that "somebody with the proper funds and equipment" won't be able to pinpoint who you really are. I've invested in XMR for various reasons, but mainly because of that possibility it offers. Let's see how it evolves. I've got a lot of faith to the people involved. Wink

Chaos could be a form of intelligence we cannot yet understand its complexity.
BanditryAndLoot
Member
**
Offline Offline

Activity: 70
Merit: 10

Activity: 350


View Profile
October 30, 2014, 07:25:46 PM
Last edit: October 30, 2014, 09:45:17 PM by BanditryAndLoot
 #16519

Addition for your consideration (rather old article but describes what I had in mind):
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

I didn't see this until after. That's a pretty decent article.

Quote
The National Security Agency has made repeated attempts to develop attacks against people using Tor, a popular tool designed to protect online anonymity, despite the fact the software is primarily funded and promoted by the US government itself.
They've failed to make the point that due to the fact that it was funded and promoted by the USG, it's likely still in use by the USG, albeit it's not likely TOR to them, but some standard that uses onion routing. It's probably been better developed for sure, but the infrastructure is likely similar, see here:

Militaries use Tor

Field agents: It is not difficult for insurgents to monitor Internet traffic and discover all the hotels and other locations from which people are connecting to known military servers. Military field agents deployed away from home use Tor to mask the sites they are visiting, protecting military interests and operations, as well as protecting themselves from physical harm.

Hidden services: When the Internet was designed by DARPA, its primary purpose was to be able to facilitate distributed, robust communications in case of local strikes. However, some functions must be centralized, such as command and control sites. It's the nature of the Internet protocols to reveal the geographic location of any server that is reachable online. Tor's hidden services capacity allows military command and control to be physically secure from discovery and takedown.

Intelligence gathering: Military personnel need to use electronic resources run and monitored by insurgents. They do not want the webserver logs on an insurgent website to record a military address, thereby revealing the surveillance.

While they don't mention specifically which military uses TOR, it remains an avenue for obscured communications for them. Likely, efforts to undermine the actual protocol would prove to be a double-edged sword. Additionally, being the original developers of the software with the most resources, they would logically stand to have the highest chances of breaking the protocol if it was possible to do so.

Really, the best known tactic they can apply is setting up as many exit/enter nodes as possible, and hoping that their own personal nodes are used randomly by a single user in a single session (timing attacks). This gives them the ability to track one single access, or communication, between you and whoever you're dealing with, and even then they'd still have to work around encryption if they couldn't subpoena the third party you were working with. As soon as you have a new 'identity' (every single time you access TOR, or whenever you click new identity), they have to wait until the same scenario occurs again. The chances of this happening decrease drastically with the number of enter/exit nodes on the network. So, its real shortcoming here is that it's just not being used enough yet. Of course, there's still some implementation issues to work out just like anything else, but the protocol is quite secure overall.

The other tactic they mention here:

Quote
The trick, detailed in a top-secret presentation titled 'Peeling back the layers of Tor with EgotisticalGiraffe', identified website visitors who were using the protective software and only executed its attack – which took advantage of vulnerabilities in an older version of Firefox – against those people. Under this approach, the NSA does not attack the Tor system directly. Rather, targets are identified as Tor users and then the NSA attacks their browsers.

Firstly, note that the outdated firefox browser was the weak link, an implementation issue which led to the knowledge of 'TOR usage'. This type of discovery would likely place your IP address at a high enough 'score' to record data. Again though, this can be mitigated very well by more users using TOR, which would deter continued tracking. Alternatively again, you can use mac address spoofing, so regardless of the IP packet monitoring, all of the data cannot be traced to your hardware, unless they were to break the encryption, or the site you were accessing was capable of being subpoena'd .. in which case they could possibly cross reference the users of their site that came in through known TOR nodes (some are unknown, like new ones), which would still leave you with plausible deniability if there were a large amount of their customer base using TOR, so they would have a tough time linking yourself to anything more than what you were already linked to.

Only through cross referencing multiple sites that came through TOR nodes could they even begin to link that you're the user using TOR that accessed that website from your ISP IP address, unless they had access to your computer (they likely can get this a different way than TOR).

Either way, Monero is working to integrate I2P. As a difference, I believe I2P lets you construct a type of anonymous whitelist, giving you the ability to 'discard' nodes that are questionable. Check here for info about that. Additionally, it looks like anyone running an I2P program becomes part of the network, where with TOR you have to provide a node specifically set up to handle network traffic (so you can do firefox, etc. without setting up a TOR node and instead just install the program on your computer). This leads to some heavy scaling issues, but for something with very little information going across the network like a crytpocurrency network, it sounds like a good match .. I just don't think you're gonna have everyone streaming videos on it 24/7.

Yes, everything has its trade-offs. I'm looking forward to where this ends up as well!


And it's only at the end of fall, that we discover it was naught but the wind that knew when one particular leaf was to fall from one particular tree, only to land in one distinct spot .. to be left for an eternity, and waste its time in a wait sublime. C0A2A1C4
kazuki49
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250



View Profile
October 30, 2014, 08:42:06 PM
 #16520

XMR bullish news (future) http://rt.com/business/200883-banking-secrecy-obsolete-berlin-tax/
Pages: « 1 ... 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 [826] 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 ... 2035 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!