> “It is completely absurd to inflict mass surveillance on the general public under the premise of fighting theft.” > It comes at a cost to the privacy and civil liberties of the people of Britain.

www.eff.org

> The right time to start protecting your digital privacy is before your trip […] The simplest and most reliable precaution against border searches is to reduce the amount of information that you carry across the border. [](https://monero.town/pictrs/image/21c08bef-3967-4445-b9d2-9f0354ac14b7.webp "Click to Enlarge") *** > Sometimes law enforcement officials achieve so-called “consent” by being vague […] You can try to dispel this ambiguity by inquiring whether border agents are asking you or ordering you […] If an agent says it is a request only, you might politely but firmly decline to comply with the request. > > If you are a U.S. citizen, border agents cannot stop you from entering the country, even if you refuse to unlock your device, provide your device password, or disclose your social media information. However, agents may escalate the encounter if you refuse. > > If you elect to comply with a border agent’s order to unlock your device, provide your password, or disclose your social media information, you can inform the agent that you are complying under protest and that you do not consent. *** > It is possible that if you unlock your device, and agents then search your device, a court will rule that you consented to the search. […] As noted in Part 1, the best way to avoid an inadvertent “consent” to search is to decline to unlock your device, provide the device password, or provide any social media information. > > Technically, you don’t even need to admit that you know the password. > > If you believe that border agents violated your digital rights at the border, please contact EFF at borders@eff.org. *** See also: * https://www.eff.org/document/eff-border-search-pocket-guide * https://www.eff.org/issues/border-searches * https://monero.town/post/402125 *Fifth Circuit says law enforcement doesn’t need warrants to search phones at the border*

securityaffairs.com

> The fact that the issue was discovered by Google TAG suggests it was exploited by a nation-state actor or by a surveillance firm. > > As usual, Google did not publish details about the attacks exploiting the flaw in the wild. See also: https://www.cert.europa.eu/publications/security-advisories/2023-100/ > This vulnerability also affects Chromium-based web browser such as Microsoft Edge [3], Brave, Opera, and Vivaldi.

Monero Saki • 9 months ago • 87%

thebittimes.com

>“Some Hackers have figured out there is no quick and easy way for a company that receives one of these EDRs (emergency data request) to know whether it is legitimate,” he said. > >“The hackers will send a fake emergency data request along with an attestation that innocent people will likely suffer greatly or die unless the requested data is provided immediately.”

blog.torproject.org

>privacy has nothing to do with having something to hide. Instead, privacy means protecting the human being that you are, all the personal details that make you, you. What you care about, what you love, what you hate, what you are curious about, what makes you laugh, what you fear. And most importantly, choosing when you decide to share that information and who you share it with. >it *is* possible to build technology used by millions of people with privacy at the heart. **We build technology to advance that right in order to help users reclaim their agency in digital spaces.** (But by default, Tor Browser is *not* shipped with uBlock Origin.) PS: ONION LINK http://pzhdfe7jraknpj2qgu5cz2u3i4deuyfwmonvzu5i3nyw4t4bmg7o5pad.onion/tor-in-2023/index.html

www.eff.org

NOTE: This is about the Fifth Amendment protection against self-incrimination after a search warrant for someone’s cell phone is procured; *not* about digital privacy in general at the U.S. Border (a warrantless search). See also: https://monero.town/post/1134494 *EFF to Supreme Court: Fifth Amendment Protects People from Being Forced to Enter or Hand Over Cell Phone Passcodes to the Police*

www.theregister.com

>Now before the House, HR 6570 proposes to reauthorize Section 702 for three years — but with reforms including requiring all US intelligence agencies to obtain a warrant before conducting a US person query. >a competing bill, the FISA Reform and Reauthorization Act of 2023 (HR 6611), doesn't include a warrant requirement — and, in fact, includes language that many worry could be used to force private US companies into assisting in government-directed surveillance

justthenews.com

> House Intelligence Committee bill would also expand the definition of an electronic communication service provider include a broader range of providers, including those who “provide hardware through which people communicate on the Internet.” See also: [Tell Congress: They Must Defeat HPSCI’s Horrific Surveillance Bill | EFF Action Center](https://act.eff.org/action/tell-congress-they-must-defeat-hpsci-s-horrific-surveillance-bill)

Monero Saki • 10 months ago • 75%

egodeath.capital

**How FinCEN May Be Violating Your Rights**\ A call to action against FINCEN proposal 2023-0016A\ Written By Preston Pysh >*Eroding Anonymity Through Additional Verification*: The mandate for “Additional Customer Identity Verification Measures for Transactions Involving Unhosted Wallets” is a direct affront to privacy and anonymity. This requirement transgresses on the First Amendment’s sanctuary for anonymous speech > >*A Direct Assault on Anonymity-Enhanced Currencies*: The “Prohibition on the Use of Anonymity-Enhanced Convertible Virtual Currencies (AECVC)” is nothing short of a legislative bulldozer through the edifice of privacy. See also: [Preston Pysh says proposed FinCEN crypto rules violate US Constitution](https://protos.com/preston-pysh-says-proposed-fincen-crypto-rules-violate-us-constitution/)

netzpolitik.org

> Bis zum Jahr 2030 will die EU allen Bürger:innen eine „European Digital Identity Wallet“ (ID-Wallet) zur Verfügung stellen. Sie soll on- wie offline bei Verwaltungsgängen und Bankgeschäften, aber auch bei Arztbesuchen, Alterskontrollen oder beim Internetshopping zum Einsatz kommen. (*By 2030, the EU wants to provide all citizens with a “European Digital Identity Wallet” (ID wallet). It is intended to be used online and offline for administrative procedures and banking as well as medical visits, age verification, and internet shopping.*) The article (in German) is mostly about eIDAS 45\ Cf. https://monero.town/post/1018961 Last Chance to fix eIDAS: Secret EU law threatens Internet security (There are many English articles about it; see e.g.\ https://mullvad.net/en/blog/eu-digital-identity-framework-eidas-another-kind-of-chat-control ) Though not the main topic of the article, this “ID wallet” thing sounds disturbing. (EU politicians calls a normal wallet “unhosted wallet” and don’t like it very much.)

Meta Saki • 10 months ago • 80%

On the front page of monero.town, sm.ms and catbox.moe are recommended as image hosting services. Unfortunately both are not Tor-friendly, esp. Catbox blocks Tor. The Cock\.li guy [comes up](https://shitposter.club/notice/AcTuTzIlT0JJ7RpTCi) with a [solution](https://fatbox.moe/). 1) Solution about Catbox: Just change **cat** in the URL to **fat** and the image is viewable for Tor users! > **Example** https://monero.town/post/1025717 where > https://files.catbox.moe/6z3p3z.jpg is not viewable via Tor > https://files.fatbox.moe/6z3p3z.jpg would be viewable via Tor 2) How to use an inline image (in general, not only Catbox) > The syntax is **``** so…\ > `` > > Result: >  3) How to make it a Clickable thumbnail > Text link would be `[Text](URL)` you can replace `Text` with an inline image, `URL` with the image URL, i.e.\ > `[`**``**`](URL)` so…\ > `[`**``**`](https://files.fatbox.moe/6z3p3z.jpg)`\ > Result [](https://files.fatbox.moe/6z3p3z.jpg) *** Note: Optionally you can put Alt text in **`![]`** as in\ **`![`**`Monero-chan is happy`**`]`**`(https://sample.net/happy-monerochan.png)` *** Another hosting service imagebam.com is iffy but Tor friendly, easy to upload images there from Tor Browser & you can direct-link to the uploaded full image. Using 3rd party image hosting services has privacy implications, but it will save the server resource of monero.town.

blog.torproject.org

>Many countries use censorship systems to block access to human rights resources >.onion sites are particularly useful at maximizing internet users' privacy and anonymity because they never leave the Tor network. While technically I2P might be better, it’s good news that a recognized human rights organization has adopted an onion, because that will improve the “shady” image of Tor, esp. hidden services (aka darknet), as in “privacy technology is good, not for criminals, but *for you*, for everyone. Using Tor is normal, and Monero is a great tool.”

Monero Mining Saki • 10 months ago • 72%

> Apparently, the Nintendo Switch gets 230 hashes per second mining #Monero [](https://images4.imagebam.com/0b/1f/e1/MEQJHKY_o.jpg) Can you mine crypto with a Nintendo Switch? https://cryptonews.net/news/mining/27918548/ > Interestingly, RandomX, the Monero mining algorithm, allows for alternative experiments like this due to being ASIC-resistant. Miners can use simple CPUs or gaming devices to run the algorithm and try their luck at block discovery while supporting network security.

> law enforcement has been using […] systems since 2015, in utmost secrecy. The software in question […] can track a person across a network of cameras, for instance, by the color of their sweater > Any policeman […] can request to use [it] > The potential use of facial recognition worries within the institution itself. […] In France, facial recognition is only authorized in rare exceptions > This massive installation was carried out outside the legal framework provided by a European directive and the French Data Protection Act The National Commission on Informatics and Liberty (CNIL), a French administrative regulatory body, started an investigation against the French Minister of the Interior [1][2]. The Minister, Gérald Darmanin ordered an investigation [2]. - [1] https://nitter.oksocial.net/CNIL/status/1724745047537488019 [French] - [2] https://web.archive.org/web/20231121093507/https://www.ouest-france.fr/politique/gerald-darmanin/entretien-gerald-darmanin-lantisemitisme-le-signe-dune-societe-qui-ne-va-pas-tres-bien-938b76ce-856c-11ee-9632-b62f00689e79 [French] > La Cnil […] annonce l’ouverture d’une enquête contre le ministère de l’Intérieur. Elle soupçonne la police d’utiliser un logiciel de reconnaissance faciale, depuis 2015, en dehors de tout cadre légal. Qu’en est-il ? (CNIL suspects the police are using facial recognition outside any legal framework. Comments? - Gérald Darmanin’s answer: The news is true. I ordered an investigation.)

www.wired.com

>the White House has, for the past decade, provided more than $6 million to the program, which allows the targeting of the records of any calls that use AT&T’s infrastructure >the program takes advantage of numerous “loopholes” in federal privacy law >the DAS program has been used to produce location information on criminal suspects and their known associates, a practice deemed unconstitutional without a warrant (This website is a bit annoying.)

> See https://monero.town/post/968066 Onion http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion/ This free email provider is not for everyone. Sometimes a Cockmail address is not accepted to register something. Sometimes, though not often, another email provider may indiscriminately block email from Cock.li. Afaik Cock.li<->Proton, Cock.li<->Tuta work. *** PS: Admin, Vincent Canfield [@vc@shitposter.club](https://shitposter.club/users/vc)

Meta Saki • 10 months ago • 66%

https://monero.town/post/1144305 > Bicoin Black Friday: BusKill (Open-Source Hardware Dead Man Switch) Announces 10% Discount There are 4 reports saying this is spam, and it is indeed cross-posting link spam, and feels slightly excessive but not extremely so (?). The thing is, Monero.town doesn’t forbid ads, and freedom of speech is important even if what is said is unpleasant for me or for someone else. Thoughts? *** Edit: Since someone has appointed me as a mod in !privacy, where https://monero.town/post/1144305 is, I can remove it, except I don’t want to remove anything unless really necessary. The lack of guidelines about ads in monero.town means, the OP didn’t do anything against the rule(s). I couldn’t remove the new one in !moneromarket https://monero.town/post/1142415 Not sure if [@admin@monero.town](https://monero.town/u/admin) thinks it’s bad enough, either. Monero is censorship-resistant, meaning we tend to hate deleting someone else’s speech/expression just because it’s subjectively disagreeable. *** Given that Monero is money after all and some for-profit services are useful for its users too, probably commercial posts (ads) should be allowed in general, *if not excessive*. And BusKill ads are not excessive in terms of frequency, like only once a month. Perceived link spamming (self-promotion) advertising SimplifiedPrivacy has been also noticed by many including myself, which has been like once or twice a week, and explicitly questioned here ( https://monero.town/post/1085883 ); but many (including myself) think these posts can be useful nevertheless, the poster being knowledgeable.

www.eff.org

See also: Fifth Circuit says law enforcement doesn’t need warrants to search phones at the border https://monero.town/post/402125

techcrunch.com

> The app store “collects and sends data […] This includes information like device model, brand, country, timezone, screen size, view events, click events, logtime of events, and a unique KID ID,” > Hancock didn’t return the tablet to her daughter until after making changes to protect her daughter’s privacy. > [She] even installed Tor, a browser that is designed to protect the anonymity of its user. An awesome Mom, like [Mrs. Roberts](https://xkcd.com/341/) from xkcd!

Monero Saki • 10 months ago • 54%

EDIT: Don’t take this too seriously; **do *not* actually send a donation** (unless you really want to, like admiring “Nice photoshopping!” “Thanks for the fun pic”). While it’s entertaining and thought-provoking, using their work this way is ethically questionable too. As @z0rg0n pointed out, one could even see this as a scam. Although it’s a fine work and freedom of expression is more important, this may more properly belong to “Memes”. *** EDIT2: This post and “cool if real” by @alphonse https://monero.town/post/1122495 were created almost at the same time. That was a coincidental post conflict; @alphonse’s post was actually earlier by about 1 hour! *** [Is someone crowdfunding a Monero ad in India’s economic newspaper?](https://finbold.com/is-someone-crowdfunding-a-monero-ad-in-indias-economic-newspaper/) > Interestingly, a Monero ad could be circulating in India’s traditional English newspaper: *The Economic Times*. The pseudonymous Stoic, author of “The Monero Standard,” shared a picture of the newspaper’s November 16th edition. In the picture, it is possible to see the paper’s opened front page with a large ad about XMR. > >> “Monero transactions respect your privacy. Can you say that about the INDIAN RUPEE or the U.S. DOLLAR?” > > Moreover, the image also includes a QR-Code for donations in “XMR only,” which suggests its owner is expecting to crowdfund what was spent for this supposed insertion.  

>A storefront, said Ortis, is a fake business or entity, either online or bricks-and-mortar, set up by police or intelligence agencies. > >The plan, he said, was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them. Tutanota (now Tuta) denies this: https://tuta.com/blog/tutanota-not-a-honeypot

Monero Saki • 10 months ago • 73%

cryptonews.net

> the onchain activities of the attackers were monitored and […] action was taken to freeze the wallets held by the attackers by working with other cryptocurrency exchanges > a member of the cryptocurrency community questioned how Binance could freeze these funds despite the fact that cryptocurrencies are marketed as not being confiscable by third parties > Changpeng Zhao […] said that the whole thing is a matter of balance. […] CZ implied that a solution to events such as theft cannot be found in a system that cannot be completely frozen. > CZ stated that if users use privacy coins such as Monero (XMR), such freezes will not occur, but the stolen funds cannot be returned. Cf. - Almost entire balance (2675 XMR) of Community Crowdfunding System (CCS) Monero wallet has been stolen https://monero.town/post/983106 - Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach https://monero.town/post/1045387 PS. See also: Bitcoin can be traced, If you use XMR, then there isn’t much anyone can do https://monero.town/post/1069626

Monero Saki • 10 months ago • 78%

crypto.news

> regulatory scrutiny is shifting towards privacy coins […] Understanding how they will be implemented in systems that are decentralized, where the developers and maintainers often maintain anonymity, is complex. E.g. Bisq, Haveno > compliance with these regulations becomes a paradox for such projects since the crux of privacy coins lies in their ability to mask transaction details, which inherently contradicts the essence of regulations […] Therefore, achieving full regulatory compliance for privacy coins may sometimes seem impossible. […] in the UK, the Financial Conduct Authority (FCA) has been proactive in educating consumers about the risks associated with privacy coins but has not implemented bans or specific regulations concerning them. > in the United States, proposed legislation such as the STABLE Act could further extend the regulatory framework […] it’s plausible that the provisions of the STABLE Act […] could potentially mean that transactions involving privacy coins would need some form of identity verification > A prime example of a regulatory shift impacting privacy coins is the European Union’s Fifth Anti-Money Laundering Directive (5AMLD) […] these platforms are now obliged to implement customer due diligence measures, […] verifying user identities and monitoring transactions for any signs of activity. Potentially: - Alice (unhosted wallet) sends coins to Bob (CEX) -> Alice is also KYCed by the CEX - Alice (CEX) sends coins to Bob (unhosted) -> Bob is KYCed too

Monero Saki • 11 months ago • 80%

monero.town

> Monero Project admits thieves stole 6-figure sum from a wallet in mystery breach https://lemmy.world/post/7993453 i.e. https://monero.town/post/1045387 While there are typical comments like crypto=scam “You have to be quite stupid to support crypto in 2023”, there are also replies like these (with which more people seem to agree, unexpectedly): >It’s designed to protect anyone using it - even attackers. >That’s the price to pay for having privacy. >The alternative is an Orwellian dystopia. >If you’re going to use Luna, FTX, and NFTs as arguments about something like Monero, […] you probably don’t really understand any of them. It’s a bit odd that such a discussion is more active on a different Lemmy instance than here, but it’s interesting to hear honest opinions of various people about the incident, about Monero. Maybe your views are different from them, from mine. For example, one person states there that while they know exactly what Monaro is, they’re still skeptical.

Monero Saki • 11 months ago • 75%

github.com

>Collateral wallet is 2-3 multi-signature wallet but it doesn't have to be Monero. Bitcoin multi-signature is much more tested and very ease to use using Electrum or similar. >Option two on this topic would be to use Monero multi-signature to keep Collateral.

Monero Saki • 11 months ago • 25%

cryptodaily.co.uk

Somewhat curious, though not like using xmr speculatively. - 2023-11-02T15:57 CCS Wallet Incident · Issue #916 · monero-project/meta · GitHub - 2023-11-04T00:39 [Moonstone Research] Postmortem of Monero CCS Hack: A Transaction Graph Analysis (Dated Nov 03) - 2023-11-05T07:20 [One of the earliest media reports] Monerujo Wallet User Drains Monero’s CCS Wallet: Report - Coin Edition Some of the media reports are negatively confusing, like saying the Monero network is defective. Date-Time in UTC.  Edit: Moonstone Research -> 2023-11-04T00:39 was based on the server response headers (last-modified). Apparently the blog post was created about 1 hour earlier (the link was posted on Github at 2023-11-03 23:50).

> These changes radically expand the capability of EU governments to surveil their citizens by ensuring cryptographic keys under government control can be used to intercept encrypted web traffic > This enables the government of any EU member state to issue website certificates for interception and surveillance https://www.internetsociety.org/resources/doc/2023/qualified-web-authentication-certificates-qwacs-in-eidas/ > The browser ecosystem is global, not EU-bounded. Once a mechanism like QWACs is implemented in browsers, it is open to abuse https://en.wikipedia.org/wiki/EIDAS > The proposal would force internet companies to place a backdoor in web browsers to let them perform a man-in-the-middle attack, deceiving users into thinking that they were communicating with a server they requested, when, in fact, they would be communicating directly with the EU government. […] If passed, the EU would be able to hack into any internet-enabled device, reading any sensitive or encrypted contents without the user's knowledge See also: https://mullvad.net/en/blog/2023/11/2/eu-digital-identity-framework-eidas-another-kind-of-chat-control/

Monero Saki • 11 months ago • 69%

thenewscrypto.com

Nothing really new for us. Just one of the earliest media reports for the record. Edit (2023-11-06): Apparently, one of the earliest reports about the incident by general (“outside”) media is, [Monerujo Wallet User Drains Monero’s CCS Wallet: Report](https://coinedition.com/monerujo-wallet-user-drains-moneros-ccs-wallet-report/) [blocking Tor: [archive.org](https://web.archive.org/web/20231106012729/https://coinedition.com/monerujo-wallet-user-drains-moneros-ccs-wallet-report/)], at 2023-11-05T07:20+00:00. It’s interesting to see how general people are looking at this, and relatedly how they are thinking about Monero, although generally what’s written there is nothing new nor helpful for us (often disturbingly inaccurate even). For this reason I posted a few random links to related articles. You can add more and comment on it, if there are anything interesting or especially stupid 😖

[Edit 2: Read the admin’s “reasoning” and comments [here](https://web.archive.org/web/20231011061956/https://shitposter.club/notice/Aa34W1BLFyy3RuBB5M) or see PS below. The clearnet site is up again. The onion versions = 100% up tme for me] [Edit: As of writing this (2023-11-01) their clearnet server is down, while the onion version is working. Cock.li is exactly like this… Relatively rarely but randomly it’s down. Kind of irresponsible but it’s just like that. Interestingly, though, onion is up and clearnet is down. Usually opposite.] Onion http://rurcblzhmdk22kttfkel2zduhyu3r6to7knyc7wiorzrx5gw4c3lftad.onion/ **Cockbox** on **kycnot.me** - https://kycnot.me/service/cockbox  (From their webpage) > Cock.li is your go-to solution for professional E-mail and XMPP addresses. Since 2013 cock.li has provided stable E-mail services to an ever-increasing number of users. Cock.li allows registration and usage using Tor and other privacy services (proxies, VPNs) and thanks to continued funding by its users is certain to stay free forever. Cock.li (aka **Cockmail**) is a Tor-friendly, privacy-focused, soon-to-be-10-year-old free email provider (IMAP, POP, XMPP, Webmail). Although currently (since around 2021) a new registration is invite-only, the admin [@vc](https://shitposter.club/users/vc) now states on their website:  > E-mail is a Human Right! > > Oppressive governments are using dirty tricks to try and force e-mail providers to require phone numbers or other controlled integrations to register. We will never allow these crimes against our userbase. We will stand up for the right to register for e-mail without being surveilled, and demand this right to be recognized globally. Public registration re-opens on cock.li's 10th birthday, 20 November. Probably people here know this service pretty well, but some important points: - Their email addresses are sometimes blacklisted when you want to use them, because in the past the service was abused by spammers. So this provider **may not be suitable for normal users**/normal usage. Its “technical scores” may be low too, when checked e.g. via https://internet.nl/mail/ If you think this is sketchy and its name is weird, it is. It’s not for you, so please just ignore it. - A cock.li account may be great to have if you want to sign up and use it anonymously always via onion (something you can’t do with Proton or Tutanota), perhaps with PGP. Maybe great to use on **[Tails OS](https://tails.net/)** too. - Their service was not very stable in the past. In recent years, it’s been rather stable and very fast even via onion. Pop/Imap via Tor works perfectly. Cock.li onion may load 100 times faster than that of Proton. - Custom domains are not supported! Consider Disroot or Tutanota if you need them and would like to pay with Monero. - They are one of the earliest v3 onion providers. In contrast, Proton was so slow to migrate from v2 to v3 (even after v2 got obsolete). Cock.li is also one of the oldest mail providers that started accepting BTC **and XMR** donations. So probably they’re *extremely* well-funded (you know why). - If you use Thunderbird, set up your account manually (its automatic setup probably doesn’t work right). For more info, visit their webpage. Please DO NOT abuse this based cypherpunk service. *** PS. Vincent Canfield ([vc@shitposter.club](https://shitposter.club/vc)) [wrote](https://shitposter.club/vc) on September 23, 2023: > Good morning, CISA is now calling cock.li a "Malicious E-mail Domain" and implies this is because it's not "publicly available". So, cock.li will once again open to the public on its 10th birthday, 20 November. #StopRansomware > > https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-263a > > For those who don't remember, a previous CISA advisory which recommended "service providers strengthen their user validation and verification systems to prohibit misuse of their services" shortly predated cock.li going invite only. > > https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-116a > > I'm sure if cock.li added phone number verification these joint statements would go away. Everyone sees what's happening, you want to force all providers to link to identities so you can surveil people. Cock.li is never adding that bullshit.

> privacy is often considered a tabu when talking about money, despite being a well-accepted fundamental human right for other topics. The growing development of high-surveillance financial tools often creates controversy and conflict of interest against privacy cryptocurrencies. > [We] asked ChatGPT to pick three privacy cryptocurrencies: > > The AI responded with its top 3 picks being Monero (XMR), ZCash (ZEC), and Dash (DASH). >> “Renowned for its unparalleled privacy features, Monero uses ring signatures, ring confidential transactions, and stealth addresses to anonymize all transaction details. By concealing the identities of the sender and receiver, as well as the transaction amount, Monero makes financial data tracking nearly impossible, ensuring complete discretion for the users.” > > — ChatGPT-4

Meta Saki • 11 months ago • 75%

For example "3 (1 New)" is understandable: there are 3 comments, of which 1 is new. But I sometimes also see things like "6 (-3 New)", "5 (-1 New)", where the number of new comments is negative. Is this some kind of known bug, or is it by design actually meaning something? It's totally harmless, but weird... 

Monero Saki • 11 months ago • 72%

www.thecoinrepublic.com

> While privacy coins promise enhanced anonymity and financial freedom, they also pose challenges […] they often face heightened regulatory scrutiny, with some governments banning or heavily regulating their use. > the very feature that makes them attractive – their privacy – can also be their Achilles’ heel. […] This dual-edged sword might deter potential new adopters and pose reputational risks for those involved in legitimate uses of privacy coins. > Cryptocurrency privacy is vital for ensuring personal liberty and maintaining fungibility, becoming even more crucial as surveillance and data collection grow. […] a balance of innovative privacy technologies and thoughtful regulation is essential We all know this; not easy.

Monero Memes Saki • 11 months ago • 94%

[Hamilton](https://en.wikipedia.org/wiki/William_Rowan_Hamilton) was an Irish mathematician, who discovered [quaternions](https://en.wikipedia.org/wiki/Quaternion) on the 16th of October, 1843. When he discovered them, he was so happy that he carved his *fundamental equations* i² = j² = k² = ijk = −1 into the stone of a bridge (apparently he was walking near it). > “That is to say, I then and there felt the galvanic circuit of thought *close*; and the sparks which fell from it were the *fundamental equations between i, j, k; exactly such* as I have used them ever since.” If you think this is not fun, please, just ignore it. While I’ll write this like talking to a 14-year-old teen, the following is nerdy (mathematical) and lengthy 😅 *Today a hundred and four score years ago*, Hamilton discovered “quaternions”. To commemorate this, allow me to use (Monero-flavored) quaternions to prove **Euler’s identity**: If N is a sum of four squares and n is a sum of four squares too, then Nn is also a sum of four squares. Example: 8 = 2² + 2² + 0² + 0² and 127 = 9² + 6² + 3² + 1² are sums of four squares. So 8*127 = 1016 must be somehow a sum of four squares too. **Proof**: Given N = A² + B² + C² + D² and n = a² + b² + c² + d² with some intergers A, B, C, D, a, b, c, d, we need to show Nn = E² + F² + G² + H² with some integers E, F, G, H. Since we’re Monero fans, let us use ***X***, ***M***, ***R*** instead of Hamilton’s i, j, k. Things work in a “cyclic“ way like this: > ***X***² = ***M***² = ***R***² = −1 ... Eq.(1) > > ***X******M*** = ***R***, but ***M******X*** = −***R*** ... Eq.(2) > > ***M******R*** = ***X***, but ***R******M*** = −***X*** ... Eq.(3) > > ***R******X*** = ***M***, but ***X******R*** = −***M*** ... Eq.(4) If we define ***X******M******R*** = −1 imitating Hamilton’s ijk = −1, (2)(3)(4) follow. ***X***, ***M***, ***R*** are a bit unusual: the order of multiplication matters (e.g. ***X******M*** and ***M******X*** are different). On the other hand, regular numbers (say: e, f, g, h) can “move” freely, as in h***X******M*** = ***X***h***M*** = ***X******M***h. A quaternion is a “number” of the form e + f***X*** + g***M*** + h***R***. Assume we have two quaternions, Q = A + B***X*** + C***M*** + D***R*** and q = a + b***X*** + c***M*** + d***R***. Multiply Q by q, and things become a bit messy: > Qq = (A + B***X*** + C***M*** + D***R***)(a + b***X*** + c***M*** + d***R***) > > = Aa + Ab(***X***) + Ac(***M***) + Ad(***R***) > > + Ba(***X***) + Bb(***X***²) + Bc(***X******M***) + Bd(***X******R***) > > + Ca(***M***) + Cb(***M******X***) + Cc(***M***²) + Cd(***M******R***) > > + Da(***R***) + Db(***R******X***) + Dc(***R******M***) + Dd(***R***²) > > = Aa + Ab(***X***) + Ac(***M***) + Ad(***R***) > > + Ba(***X***) + Bb(−1) + Bc(***R***) + Bd(−***M***) ← using (1)(2)(4) > > + Ca(***M***) + Cb(−***R***) + Cc(−1) + Cd(***X***) ← using (2)(1)(3) > > + Da(***R***) + Db(***M***) + Dc(−***X***) + Dd(−1) ← using (4)(3)(1) > > = (Aa − Bb − Cc − Dd) > > + (Ab + Ba + Cd − Dc)***X*** > > + (Ac − Bd + Ca + Db)***M*** > > + (Ad + Bc − Cb + Da)***R*** If we write E = Aa − Bb − Cc − Dd, F = Ab + Ba + Cd − Dc, G = Ac − Bd + Ca + Db, H = Ad + Bc − Cb + Da, then above mess becomes tidy: > Qq = E + F***X*** + G***M*** + H***R*** ... Eq.(5) Now, consider a function `swap`() that converts a given quaternion u = e + f***X*** + g***M*** + h***R*** into a quaternion e − f***X*** − g***M*** − h***R***. By messy calculation like above, you can show: `swap`(Q) * `swap`(q) = E − F***X*** − G***M*** − H***R*** which is = `swap`(Qq) according (5). Generally, for any two quaternions u, v: > `swap`(uv) = `swap`(v) * `swap`(u) ... Eq.(6) We define the hash of u = e + f***X*** + g***M*** + h***R*** as `hash`(u) = e² + f² + g² + h². Since e, f, g, h are regular numbers, a hash is a regular number. Just like above, do some math and you get: > `hash`(u) = u * `swap`(u) ... Eq.(7) Using (7) with u = Qq, > `hash`(Qq) = (Qq) * `swap`(Qq) = Q * q * (`swap`(q) * `swap`(Q)) ← using (6) with u=Q, v=q > > = Q * (q * `swap`(q)) * `swap`(Q) = Q * `hash`(q) * `swap`(Q) ← using (7) > > = Q * `swap`(Q) * `hash`(q) ← hash is a regular number; can “move” freely Again using (7), we conclude `hash`(Qq) = `hash`(Q) * `hash`(q) ... Eq.(8) Recall the definition of “hash”. Given Q = A + B***X*** + C***M*** + D***R*** and q = a + b***X*** + c***M*** + d***R***, > `hash`(Q) * `hash`(q) = (A² + B² + C² + D²)(a² + b² + c² + d²) ... Eq.(9) We know Qq = E + F***X*** + G***M*** + H***R*** as in (5), so > `hash`(Qq) = E² + F² + G² + H² ... Eq.(10) (8) says (9) = (10), meaning > (A² + B² + C² + D²)(a² + b² + c² + d²) = E² + F² + G² + H² as required. Example (cont.): With 8 = 2² + 2² + 0² + 0² and 127 = 9² + 6² + 3² + 1², E = Aa − Bb − Cc − Dd = 2×9 − 2×6 − 0×3 − 0×1 = 6 F = Ab + Ba + Cd − Dc = 2×6 + 2×9 + 0×1 − 0×3 = 30 G = Ac − Bd + Ca + Db = 2×3 − 2×1 + 0×9 + 0×6 = 4 H = Ad + Bc − Cb + Da = 2×1 + 2×3 − 0×6 + 0×9 = 8 Sure enough, 6² + 30² + 4² + 8² = 1016 = 8*127 😃 Notes: We implicitly assumed that multiplication of quaternions is associative. This assumption is correct as you can see (ij)k = (k)k = −1 and i(jk) = i(i) = −1 are identical, etc. Euler originally used −B, −C, −D, instead of our B, C, D. Both versions are essentially the same. Monero-themed names ~ Standard names: > ***X***, ***M***, ***R*** ~ i, j, k > > swap ~ conjugate > > hash ~ norm (or norm squared, depending on how you define it)

mastodon.social

Send me your seed words. > "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." —**Edward Snowden** https://en.wikipedia.org/wiki/Nothing_to_hide_argument

stopchatcontrol.eu

> 1️⃣ Completely normal photos, such as holiday pictures 🏞️ are considered suspicious. > 2️⃣ So our private family photos or the chats and pictures from your sexting yesterday 🍑🍆 also end up on an official table. So we can throw privacy in the bin 🚮 > Chances are high that most of your European friends have never heard of chat control. So let them know about the danger and what you think about the chat control proposal. > “The European Commission launched an attack on our civil rights with chat control. I contacted my local MEP to tell him that I oppose the proposal. You can do so too! This Website I found will help you write an e-mail to an MEP using A.I.”

Monero Mining Saki • 11 months ago • 85%

The bug fixed in cURL 8.4.0 (CVE-2023-38545) is a nasty one, but it seems rather harmless in our context. First of all, if you don’t use socks5, this issue should be irrelevant. (But do your own research. Source code is there for you to freely study, modify, compile.) According to the [blog](https://daniel.haxx.se/blog/2023/10/11/how-i-made-a-heap-overflow-in-curl/), the bug could be exploited only if a socks5 proxy user is tricked to resolve a crazy long hostname (~1024 characters+), which sounds unlikely; except if your direct peer is evil, they might be able to send you a crazy long hostname instead of a numeric IP… maybe? However, if you’re on socks5 proxy, the attacker can’t see your real IP to begin with, so they can’t attack you (I think). The only attack vector my stupid head can think of is: if for some reason you use both clear connections and socks5 connections, then a lucky attacker who notices your behavior can hit your real IP when you’re on Tor, using your wallet address as an identifier. (Tor exit nodes are public, so they know someone is on Tor.) Even then, *maybe* the worst thing that could happen is that your p2pool crashes due to buffer overrun.

blog.kycnot.me

> exchanges may randomly use this to freeze and block funds from users, claiming these were "flagged" […]. You are left hostage to their arbitrary decision […]. If you choose to sidestep their invasive process, they might just hold onto your funds indefinitely. > The criminals are using stolen identities from companies that gathered them thanks to these very same regulations that were supposed to combat them. > KYC does not protect individuals; rather, it's a threat to our privacy, freedom, security and integrity. - For individuals in areas with poor record-keeping, […] homeless or transient, obtaining these documents can be challenging, if not impossible. PS: Spanish speakers: [KYC? NO PARA MÍ](https://mastodon.social/@cafemonero/111216930316877541)

balkaninsight.com

**Cloudflare-free link** for Tor/Tails users: https://web.archive.org/web/20230926042518/https://balkaninsight.com/2023/09/25/who-benefits-inside-the-eus-fight-over-scanning-for-child-sex-content/ > It would introduce a complex legal architecture reliant on AI tools for detecting images, videos and speech – so-called ‘client-side scanning’ – containing sexual abuse against minors and attempts to groom children. > If the regulation undermines encryption, it risks introducing new vulnerabilities, critics argue. “Who will benefit from the legislation?” Gerkens asked. “Not the children.” > Groups like Thorn use everything they can to put this legislation forward, not just because they feel that this is the way forward to combat child sexual abuse, but also because they have a commercial interest in doing so. > they are self-interested in promoting child exploitation as a problem that happens “online,” and then proposing quick (and profitable) technical solutions as a remedy to what is in reality a deep social and cultural problem. (…) I don’t think governments understand just how expensive and fallible these systems are > the regulation has […] been met with alarm from privacy advocates and tech specialists who say it will unleash a massive new surveillance system and threaten the use of end-to-end encryption, currently the ultimate way to secure digital communications > A Dutch government official, speaking on condition of anonymity, said: “The Netherlands has serious concerns with regard to the current proposals to detect unknown CSAM and address grooming, as current technologies lead to a high number of false positives.” “The resulting infringement of fundamental rights is not proportionate.”

www.eff.org

> As enacted, the OSB allows the government to force companies to build technology that can scan regardless of encryption–in other words, build a backdoor. > Paradoxically, U.K. lawmakers have created these new risks in the name of online safety. > The U.K. government has [made some recent statements](https://www.eff.org/deeplinks/2023/09/uk-government-knows-how-extreme-online-safety-bill) indicating that it actually realizes that getting around end-to-end encryption isn’t compatible with protecting user privacy. But > The problem is, in the U.K. as in the U.S., people do not agree about what type of content is harmful for kids. Putting that decision in the hands of government regulators will lead to politicized censorship decisions. > The OSB will also lead to harmful age-verification systems. This violates fundamental principles about anonymous and simple access See also: [Britain Admits Defeat in Controversial Fight to Break Encryption](https://monero.town/post/498685)

Monero Memes Saki • 1 year ago • 86%

Libereco estas plej bona.