cannon-c[m] : I would say the current state of privacy is BTC < LN < monero based on current literature. One big issue with LN privacy is that onion routing doesn't seem to be meeting the desired properties at the moment

I haven't spent substantial time on this, and the network is harder to analyze than Blockchain because there "moar stuff" is happening to make analysis more difficult

one issue I would expect to be (not-solveable?) is that each route is never going to be uniform

you cannot select a route from A->B->C uniformly because of liquidity selection. From an information theory perspective, this is suboptimal

whether people come up with crazy work-arounds to alleviate (or whether someone already has), I dunno

reddit.com/r/Bitcoin/comments/7rrjp…g_appropriate_for_lightning_network is an interesting read, and afaik isn't completely full of crap

in other words, even with "onion routing" B can determine that A is the source based on inferred liquidity

^*in some cases

In all honesty, we need an ample successor to the Tor Project. The Tor Project lacks independent bandwidth and geographical autonomy. If we could take on the principles of other networks, such as Tor, i2p and Freenet as well as private VPN solutions such as the patent concerning residential p2p networks which are under dispute and many arguments can be made against it, dissolving the patent, it would be a waste of time

to implement Tor into anything private outside of a marketing and publicity ploy. It could increase awareness about Monero by using Tor, but Tor isn't a really good platform for anonymity in it's current health state.

what patent?

There is a patent under dispute in the Marshall District/TX/Fed by a Lithuanian and Israeli company

over a patent concerning residential peer to peer nodes for using a vpn system.

....high bullshit?

The patent was granted in Mar/2014, there is a lot of evidence that they didn't discover anything

Still under dispute, but something using a residential peer to peer vpn system would be a lot more geographically autonomous and would provide more independent bandwidth than the current Tor system which is predominately a few ASNs in a few countries.

so anyway, a network using padding/fill traffic is sorely needed

tor is a joke

the metrics for tor are pitiful. outside of marketing and awareness, I don't think anyone should be using it for increasing financial security.

right - tor is obviously weak when it comes to resisting 'traffic analysis' and the traffic analysis capabilities of so called 5 eyes (6?) are getting better by the day

they are getting better by the day, but we're 7 years ahead of the Snowden leaks.

is this in response to what I said? in this context onion routing was LN based and separate from Tor

I think we should consider Tor essentially a dead project, with components that would useful for deployment in a newer, more accessible system.

vtnerd, yeah different systems, though I wonder how does traffic analysis of the LN work?

I was reading the other day that someone got targeted ads from Google whilst using Tor Browser on reddit. I don't think anyone should recommend that system as future-proof. Anyone relying on it currently is doing so at their own peril.

its likely to have the same timing issues of Tor, if thats what you mean. I've seen this discussed ... somewhere

so you can correlate encrypted traffic like in tor?

Randomized Network Latency could change node connection predictability.

I think you need constant rate links, and reclocking of the streans, to avoid watermarking.

streams*

Possibly.

I don't recall seeing anything describing padding or randomized latency, but its difficult to keep up with an entirely different system Im not working on

<KiloLima "I was reading the other day that"> source? likely they were using a windows computer or android phone. need technical info

because using tor does nothing if your computer spies on you. Reading now

if you have javashit enabled, then you're going to be tracked

reddit.com/r/TOR/comments/epncwg/co…ed_ad_tracking_by_google_inside_new - I haven't read this one, but it seems to be quite a common issue using some alternative device fingerprinting.

KiloLima: lol.

'Because I want to obfuscate the fact that I'm using TOR from my ISP - they also have user profiling incentive - I am using either ExpressVPN or ProtonVPN before connecting to TOR'

interesting

but when I see the words "mac" and "chrome" this is admission of having spyware. Not sure if this spyware would be related or not

I am curious if any non windows or mac or chrome users experience this

Just got to wait for more samples.

I think arma would probably know more about what's going on

I know that googley phones and proprietary consumer computers can communicate with each other using ultrasonic sound

again, if you use javashit, you can be easily tracked

from what I heard. I wonder if this person also has a smartphone

and of course the tor assholes have javashit on by default

because of 'convenience'

need javashit to load any freaking website these days, why I only whitelist using no-script with tor browser inside sandbox

does the sandbox prevent fingerprinting?

hmmm let me check panopticlick

Hmm. If someone wants to fight fire with fire in the US, I wonder if it would work to claim "using tor is a protection system, trying to deanonymize a tor user is illegal circumvention of a security system".

Might not work since it's not your own computer though.

under common law, it's legal for US authorities to hack into any foreign system without a warrant if it may contain evidence of a crime.

security should not be relying on trusting governments or anyone to "please be nice". Security should be made to where even if someone wants to de-anon they cannot

(would only work vs coroporates of course, but that'd be pretty good already)

we seen that used with the Ross trial.

KiloLima they hack US computers illegally anyways. They do not follow laws

OK, missing the point by miles. Back to coding.

Apple got away with monitoring iPhone conversations between employees in a civil lawsuit

sorry

They're suing the guy who founded that chip business off mission college blvd in santa clara, using his own minute/text usage to other staff.

technically an unlawful wiretap

in the air of whether it can be used or not.

moneromooo, I assume you know about this cbsnews.com/news/telecom-immunity

Not sure. I know there are wide randing executive powers for "special" circumstances, usually short term but can be extended indefinitely. My point was about corporates doing this for ads. If you only cre about govt, fine. That was not my point though.

moneromooo, sorry, what I had in mind is that if one were to claim that businesses trying to deanonymize users is somehow illegal, the govt is likely to side with businesses, not users. The telecom immunity thing being an example.

By claiming "we feed off all of this, so it's a natsec issue" ?

I suppose they're kinda dropped the pretense since snowden.

heh

per panopticlick

"Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 2210.7 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 11.11 bits of identifying information."

on a tor browser inside a disposable vm, that I enabled all javascript on

of course I usually have javascript disabled. I am curoius what those 11 bits are, looking more into it. From conversation earlier

Im curious what other tor browser users get for resultss. Since panopticlick test multiple browsers not just tor browser

As for onion routing. I agree that Tor has concerns of timing based analysis. I wish there was something better than Tor or that tor would mitigate global passive adversaries better (does it?). The threat is a global passive adversary that can see all internet traffic in realtime five eyes.

I dont think Tor does random padding between hops with random millisecond delays? If not I think it should

And my research on Lightning is limited. So I could be wrong but I believe lightning packets have padding? I really am curious how resilient lightning is from passive internet observance. Especially if nodes use tor or i2p.

Not to stray off of topic of monero. Just mentioning this as we were talking about lightning earlier and privacy of ln vs xmr. Either way XMR is more privacy than BTC on the blockchain level. And it would be cool if xmr got something like lightning for scalability purposes

or a way to do xmr transactions that do not have to be on the blockchain layer, yet is still enforced by the blockchain layer, like lightning is

* or a way to do xmr transactions that can happen off of the blockchain, yet is still enforced by the blockchain layer, like lightning is

yeah i think second layer stuff like lightning will eventually happen on monero cannon-c[m]

I hope so :)

but if that happens, bitcoin is in trouble

likely

eh. the nation states will keep that one alive

hey does anyone know how anonymous it is to join a telegram group? what is disclosed?

knaccc: I take it you are already on Telegram. You can click this link. This is how your privacy settings should be set up. That way you do not disclose your phone number with anybody, no matter what. t.me/OpenSourceTelegram/109

rottensox ooh thanks!

Read these three channels: (i) t.me/CloudLeak, (ii) t.me/privacytoday and (iii) t.me/OpenSourceTelegram knaccc.

They have good content up there.

If on Android F-Droid has a FLOSS version of Telegram. Recommended.

rottensox very cool, thanks. in general, would you say using telegram for private groups with anonymous membership is silly or pretty good?

cannon-c[m]: Within our dataset of several hundred thousand visitors tested in the past 45 days, one in 67.32 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 6.07 bits of identifying information.

knaccc: well... depends on what you consider 'private' to be honest.

That is without any JavaScript on the Tor Browser

and 'anonymous membership', since you're still coupling a phone number with it...

Running Windows 10 LTSC

let's suppose you use a burner phone to create a telegram account, set every privacy setting so that you don't leak phone number, last seen, can't be added to groups, yadda yadda yadda, and use a fake name and don't post sensitive data or use your face as your profile picture. it's okayish.

im checking with javascript disabled

rottensox i guess telegram have the ability to leak my memebership of groups... i'm more concerned with the group owner or participants seeing my identity. telegram seems to be where people are going for uncensorable communications

but you can find lots of useful input in this regard reading up on those three channels i directed you to, frankly.

JS is disabled Tor Browser is configured to safest config.

remember that burner phones still track pin point location

damn.

so can be identified by whatever phone travels with the burner, or where burner is turned on at?

this channel has double extra side of paranoia today.

ok with tor browser javascript disabled

Within our dataset of several hundred thousand visitors tested in the past 45 days, one in 67.3 browsers have the same fingerprint as yours.

Currently, we estimate that your browser has a fingerprint that conveys 6.07 bits of identifying information.

so I appear the same as you now!

But we're working on a non-commercial, i.e. non-continuously updated platform for testing our fingerprint.

I take it you aren't using Windows NT

rottensox: this channel has double extra side of paranoia today. - The plate has been in the kitchen for so long, we might as well bring it out to nom on.

ok mr canadian television.

lol. you're not going to let that one go. i should have read the bitcoin-dev emails before i said anything.

rottensox thank you so much for those links, they convinced me to stay well away :)

lol. probably very wise decision.

xo

define pin point location @ burner phones

.balance

!balance

huh..

.xmr

hello

is the tipbot dead or something?

I'll give you more than the tip

Client: HexChat 2.12.4 • OS: Unknown Distro • CPU: Intel(R) Core(TM) i5-3340M CPU @ 2.70GHz (2.69GHz) • Memory: Physical: 976.4 MiB Total (862.3 MiB Free) Swap: 62.5 MiB Total (62.5 MiB Free) • Storage: 2.2 GB / 10.0 GB (7.8 GB Free) • VGA: 15ad:0405 @ 8086:1237 • Uptime: 31m 4s

:^v

based

Skirmant: yes tippero is dead since the last monero upgrade

tippero needs to be upgraded but no idea when that might happen

If it's about the payment ids, it'll be whenever someone else patches it.

But it can run with deposits off just fine.

Discord bots are all the rage these days though moneromooo

Someone's free to fork it and add a discord module :)

Or someone else has another bot also based on modules, better there since it's maintained.

Bill48105 I think ?

hey what up moneromooo

Is it you who made a tip/game bot that supports monero ?

my irc bot supports monero but i haven't done a discord one.

i'm 98% done with the rewrite of my Wallet multi coin IRC bot that is now multi platform. Multi IRC (not just freenode), discord, telegram, keybase, matrix & slack working while Twitch is IRC based so technically it's sorta supported

that new bot will support all the coins supported already

what changed on monero that broke tippero?

It's still using old payment ids.

vs integrated?

And given it's been barely used in years, I'm not spending time on this anymore.

That or subaddresses.

guess i didn't use tippero deposit/withdrawal enough

On Wallet I did integrated figuring it was the one most like other wallets people are used to

I've never had a bot

they'e cold & don't cuddle after sex

the channel is welcome to use my bot until the new one is done. I could spin up an instance of my discord bot for monero but I already run 4 stand alone discord bots & would prefer to spend the time getting the new combined one done so i can retire the stand alone ones

I just asked because Mochi101 mentioned it really, I don't know whether people are interested beyond that (they might well be).

yeah i hear ya

I just want to give away or withdraw wat I have on tippero and be done with it

but yeah not to ramble but my new bot is a complete rewrite. modular/pluggable not only for platforms but commands. to add a new platform is just matter of making a class with the neccessary functions. then all commands & functionality is available to the new class so every platform shares the same commands & output calls

maybe a manual withdraw is possible?

there's kinda been ample warning & chance to get monero out

there was?

well not this time but the other times :D

i mean it was offline for months before. that's a pretty good clue that if the bot comes alive again get em out before the next round

then again i'm type of person who prefers to have control over my own coins. he who holds the keys owns the coins

i remind people that often. don't keep any more coins outside your control than you're willing to lose

but yeah running a bot is enough of a time suck but dealing with wallets is awful

fluffypony: any chance you can get tippero back online with deposits off just so people can withdraw ?

that would be cool

yes ofc I tried to give what little I had away but that resulted in me getting it back 10x lol

lol nice ROI!

my bots get good amout of use especially with doge which is by far the most popular but roger ltc & few others of the 15 get enough use to warrant keeping them

forget about my bot let's talk about your dress

it's on the floor

sexy

hopefully integrated addresses don't go anywhere

please no

ikr

Bill48105: Discord bots are pretty easy. I made a basic tipbot on NodeJS for standard bitcoin RPC in a day

yeah discord api and available libraries make it easy

Never tried anything with Monero though

monero uses different rpc api but similar enough to figure out if you know what you're doing

i feel like im too old for discord

probably full of zoomers

lol

ok zoomer

has ring to it

i envision being bombarded with gifs

indeed & worse

thankfully you can disable all that

who uses gifs these days?

it's all about webms

web pages auto load & preview as do links to pictures etc

so your eyes can get a treat without asking

and yeah there are a LOT of *really* shitty bots on discord

Well... you guys do know that dicksword.com redirects there right?

lol

how would we know that :D

.shrug

not a site i'd intentionally go to lol

does sound a lot like discord though

telegram is like lite discord. it's not to bad really

Also terrible.

I checked out the Church of Monero for a few rounds... They had a Telegram channel.

telegram requires your phone number

not a fan of that

right that part sucks

could use burner or virtual number

but it's annoying it's required

try keybase.. they require DNA sample

i forgot about the church of monero, do they still exist?

they push you to confirm 3 places for your protection. luckily one can be paper wallet

does telegram have p2p encryption for group chats?

like whatsapp

i wasn't much of a fan of matrix

why not XMPP? it's federated, has private chats and group chats, and supports end to end encryption :D

matrix and telegram just reinvent it poorly

they each have different goals

private group chats now too with omemo?

omemo supports group chats afaik

i got fatigued adding platforms to the new bot. there are just so many

are we group chatting now?

group arguing

lol that's about it

each platform has pros n cons. IRC is far from perfect

you shut your mouth. irc forever :D

irc4eva

:**

bill is bad name, far from perfect

Bill is best name

arent you on matrix dotflac[m]? lol

yeah

lol

trying it out

and it's shite

shite 2 da max

all the native matrix rooms are dead despite having 18k members

and the bridges don't work half the time

and you can't clear the unread messages indicator without scrolling up and waiting for javascript to register them all as read

and no keyboard shortcuts

i guess those last points are specific to this client but it's basically the flagship client

ok cool just checkin cuz you said irc 4va lol

irc 4 life

die 4 irc

kill 4 irc

irc 4 die

my new bot supports optional cross platform & cross channel bridging. So that users on different platforms can communicate and tip even over cross platform seemlessly

forget about my bot let's talk about your dress

Hi guys, I'm a bit lost I've got a bunch of contradicting info on xmr stak for mining monero - is it still possible or no?

And if so which cryptonight version do I need to mine?

edot, most people are using xmrig these days

Monero does not use cryptonight anymore. It uses randomx.

So xmr-stak is not an option at all? Just use xmrig? (I don't have a preference)

edot: xmrstak can still be used for Monero. But you should use xmrig. Better perfomances and the devs are not complete assholes

People seem to be having less troubles with xmrig

Sounds good to me

Thanks!

The dev, in fairness. psychocrypt hasn't been an asshole AFAIK.

One of the dev, unless fireice is not developing xmr-stak anymore, but doesn't seem like it from his tweets. Didn't psychocrypt co-develop ragerx and participate to the mud-machine fireice built up? (i honestly don't know)

I don't know. But I'll assume he's just coding unless evidence.

I never actually said anything about the devs moneromooo, I've just seen that people come to -pools less often for xmrig

ErCiccione[m]: I don't think I've seen much mud slinging (of any) from psychocrypt. he does development but seems to stay out of the drama.

Got it. Thanks inge-. Btw i was talking about fireice because i assumed he is still developing xmrstak. I might be wrong tho, i don't follow it at all.

it us his team if not him. and I find it fair to inform people considering multiple miners to take into consideration the stated motivations of the people behind the miners. if someone is mining xmr purely for profit, then they will optimize and might not care, but if they want to support the network - it is definitely something they will consider.

so the telegram group for Monero Mining doesn't mince words when someone asks the diff between them.

404 Not Found

MalMen: not released yet

use getmonero.org for the latest release

ahmmm

or compile v0.15.0.3 yourself

is the URL on the official download links

*its

yes I know, the link will work once the bins are uploaded

but the binaries are not ready yet

and there is hash already ?

monero-gui-win-x64-v0.15.0.3.zip, 99d9fe30931f29a5fe9cd81328ab1dd0146e77fd5cd15d5ef87d50b395b8b838

lol, just found it funny, no problem for me

yes, the bins were ready but not uploaded yet as someone else will do them

and he has to setup the environment so it will take a bit until they are released

we should remove it probably but I can’t edit the page