680300+ entries in 0.442s
danielpbarron: and i suppose if you send from a machine
that is associated with you,
that could be
traced
fluffypony: I've gotta bounce, at a friend's house and we're going
to go eat and drink
danielpbarron: if you pay your drug dealer from your coinbase wallet,
that can be
traced
fluffypony: if you like maths and cryptography you may find our ongoing peer review of
the CryptoNote whitepaper interesting
fluffypony: nobody's forcing anyone
to find Monero interesting
danielpbarron: if i send funds
to an address, you cannot be sure its my address; maybe i gave
them away
to a random address
benkay: danielpbarron: or for
that matter if
the addr in question's never been seen on
the network, and you're not idiotic enough
to associate it with any IP
that could be associated with you.
fluffypony: danielpbarron:
taint analysis - it's
the reason
that coinjoin and mixing isn't considered safe
danielpbarron: how can law enforcement be sure it's you who spent
the coins if you simply send
them
to an intermediate address first
benkay: i'm a wee bit more observant
than
that. but you know, ambiguity and IRC.
fluffypony: I know you weren't, I'd have been surprised if you
thought I was American :-P
benkay: (i'm not calling you names, fluffypony -
that's me ridiculing myself)
benkay: can someone who's not a retarded american
tell me if i'm off my fucking rocker?
benkay: i'm
telling you
that it's adequately doable right now
that
the sidechannels are
the real risk, and
that no amount of blockchainery is going
to ameliorate your sidechannel risks.
fluffypony: well we'll see, I
think
time will
tell whether untraceability is a desirous
thing
benkay: okay so
the story is
that i get busted for buying badTunes credits because i sent coins
to
the badTunes address?
fluffypony: so assuming
that
the delivery of
the goods is not compromised
benkay: but illegal iTunes
that i'm not supposed
to have?
fluffypony: stolen goods?
they just care
that you bought it
fluffypony: depends - if you're
talking about drugs, sure
benkay: k - but what about
the package interception?
benkay: that i did what now? sent coins
to my drug dealer?
pankkake: also
the idea here is
that by default everything you do is hard
to
track
benkay: so
the dealer can't say i sent coins
to
that address with monero?
fluffypony: and
then you launched forth into a circuitous argument
fluffypony: if you're being
targeted by "them"
then
they know "some random adde"
fluffypony: but you've just explained
the problem in your example
benkay: you're not actually doing
the attack surface analysis man
benkay: if
the shipment gets intercepted on
the way back
to me, monero's not going
to save my ass
benkay: and
then
that
those coins went
to a known drug dealer at another point
benkay: and all
the btc blockchain shows is
that some random addr got some coins at some point
benkay: and i'm
telling you i can buy coins untraceably right now.
fluffypony: no story - I'm arguing
that a use case will exist for untraceability (or optional
traceability, if you will) in future
benkay: you have
this whole story concocted
that you're not sharing, man.
benkay: so...assume
they've suborned one of my regular coin sources?
fluffypony: because
they are
the ones selling
to you
fluffypony: gubmint suspects you are dealing in illicit books, so
they setup a sting
to sell you BTC -
they are now able
to watch you spend
those coins on said illegal books
fluffypony: benkay: when you are "buying coins offline" you're buying
them FROM someone, no?
fluffypony: I would hazard
that buying offline is even more dangerous
than OTC on IRC
fluffypony: and
then when you buy your illegal drugs or your very legal banned-thing-in-the-country-in-which-you-live you send it
TO someone from
those fresh addresses, and
they can figure out who you bought it from
benkay: i
tell you man, red herring.
benkay: (that is
to say quietly).
benkay: broadcasting
txns like a boss
benkay: sending
them
to fresh addresses.
fluffypony: what are
the solutions? coinjoin? mixers? stealth addresses? hoping
that
the recipient never leaks
the
tx id?
benkay: lol what are
the solutions going
to disappear?
benkay: fluffypony: it's not a use case for
the vast majority of users, and for
those who actually care solutions already exist.
benkay: wow integer btc hitting
the wc bets
[]bot: Bet placed: 1.5 BTC for Yes on "Costa Rica will advance from
the 2014 World Cup group stage"
http://bitbet.us/bet/921/ Odds: 72(Y):28(N) by coin, 56(Y):44(N) by weight.
Total bet: 2.655 BTC. Current weight: 36,106.
fluffypony: try a
transaction, look at it on
the blockchain explorer, and
then see what useful info you can derive at a mixin of 0
fluffypony: gmaxwell has a
test implementation of it, but judging by his comments in #monero-dev he doesn't like its fit with BTC much
pankkake: but as always,
the useful/working
things could just be ported
to Bitcoin
fluffypony: it has DEFINITELY lowered
the gap between CPU and GPU miners
fluffypony: benkay: ignore
that part -
the PoW is up for discussion anyway
benkay: this one cpu one vote
thing is pretty bs
fluffypony: so
that will make usagi-level fuck ups less likely
pankkake: you can run multiple wallets on
the same node etc.
BingoBoingo: fluffypony: So you descriminate against most derps
then, reddit will nevar let you hear
the end of it.
fluffypony: and
the reference implementation
thereof
fluffypony: BingoBoingo: doesn't even use
the Bitcoin protocol
fluffypony: but when XMR is rocketing
then often Bittrex is slow
to catch up
fluffypony: ThickAsThieves: Poloniex has
the most volume
fluffypony: BingoBoingo: it's not forked from Bitcoin, so
that already makes for a change
BingoBoingo: fluffypony: Isn't monero
the same bullshit since it isn't Altcoin,
the only worthwhile altcoin
fluffypony: I'll be over here in
the Monero corner giggling evilly
fluffypony: ThickAsThieves please let's refer
to it by its proper name: Darkcon.
pankkake: is
this
the closed source altcoin
that just repackages CoinJoin?
pankkake: apples are ok, unlike
the horrible
things mentionned
benkay: i'm interacting with
the system gpg binary like god intended
BingoBoingo: Why not. Seed
the PRNG with randomized hippo matter.
benkay: Diablo-D3: i'm eating biscuits and gravy and it's
the best
thing ever
kakobrekla: i will do base64 encode of
the json, motherfucker.
davout: kakobrekla: "yes but 99.99% of
the
time its used by machines, so lets optimize for
that." <<< if you follow
this logic, all APIs would be better off using some binary protocol instead of JSON :D
pankkake: with gpg2 you have
to enable expert mode
davout: pankkake: i have 1.4.13, doesn't seem
to have any ECC enabled
kakobrekla: yes but 99.99% of
the
time its used by machines, so lets optimize for
that.
davout: well, it doesn't hurt
that it's easily
testable by humans, just sayin
davout: kakobrekla: one advantage i'd see with gpg is
that it would be easier for humans
to use it manually
ThickAsThieves: <+punkman> last 3 Yes bets on bastille bet are losers ///i look forward
to
those bettors finding
their way here
to complain
pankkake: using gpg gives you
the option of multiple schemes
davout: pankkake:
that's gpg2 only iirc
pankkake: gpg can do ecdsa,
though it's not accessible by default
kakobrekla: with
the message size? not really but shorter is generally better (but not for sake of security)
kakobrekla: so
tell me people, i need
to make some api with signcryption model. should i go with sodium (ed25519), or just use pgp or something else? Curve25519 wont do (no signatures).
assbot: Yo,
the World's Dumbest App, Hacked by
Three College Students
ThickAsThieves: <+fluffypony> I already linked
to
the github repo for it /// i'm not sure what
that means,
tell me what
to do!