Overlay Network Designs and the Odds of Voids, Link Crypto [was: AP, latency]
>> > for other stuff...do you have to ask? What sort of system do you think >> > should be used for coordinating 'criminal' activity, instead of streaming >> > super full SHD video for retards? > And the answer is : some sort of 'high latency' mixing network. And > interestingly enough such a network doesn't seem to exist, although it seems > to me it would require less resources than something like tor. And nobody > seems to be worried about having or not having that kind of network, which > strikes me as odd... > What I was trying to say is that, if the use case is 'criminal > activity', then using a 'low latency' network like tor which provides > centralized 'hidden' services is a not a good idea. It's more like a recipe > for disaster. https://www.aclu.org/files/natsec/nsa/Tor%20Stinks.pdf If the mix or other network design is doing it's job, programmed delay, being a part of observed latency, might not end up mattering much to security. ie: Think of latency as the clock speed of the network. The job of passing around cells from here to there is a compute task, a fixed todo list set into instructions. Doesn't matter whether your job completes in 10 seconds, or 10 days, or with each instruction artificially delayed by a billion nop's on the fast cpu. Your cpu can still be probed and watched for months regardless how long it takes, so it doesn't seem that waiting n time units before passing a cell from a to b, b to c, c to d, will help in itself, because the network, or your path over it is not guaranteed to be full. Enough of those odds of empty voids happening at the right points, the ones your data is moving over, and you're hosed. If you've got all this idle time, might as well fill the mix, an actual defensive move. Zen's remindful blurb something others suggested for longer, me included. It really needs cross checked against available research, and researched into development if it works.. Would also like to see work on opensource IETF standard for all physical ports on all network hardware, each port having independant full time random keyed link encryption with tamper alerts, and full time fill to the capacity of the link with random data, baked in the silicon and silently on by default out of the box. Limited to opposing crypto suites, say three with a q resistant one. The silicon, firmware, and software required is expected to be trivial cost, like $1/port when applied globally. That'll seriously fuck with the vampires on the wire who don't have legal authority to force you to turn it off, or to particularly regulate your hardware, which in the western world is many jurisdictions. To wit, apple secure enclave is still thought by many to be resistant and live years later in T2 and A11. No, operators don't need to turn it off to debug their net, they copy the port above the MAC PHY of the chaff at the logical layer to another port. Which also is a human action which can't currently be forced, in any sane regime, and fishing for win with an illegal general warrant.
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On Tue, Aug 7, 2018 at 5:21 PM, jim bell wrote: > https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html > > "But Mr. Donahoe said that the images had been used “a couple of times” by > law enforcement to trace letters in criminal cases, including one involving > ricin-laced letters sent to President Obama and Mayor Michael R. Bloomberg > of New York. The images of letters and packages are generally stored for a > week to 30 days and then destroyed, he told the A.P." > [end of quote from article] > > > About that article. > > I think it's curious that they claim to "destroy' the images after "a week > to 30 days". If there are about 1 billion mailed items each year, and it > takes 50 kilobytes to store an image (wild ass guess, and assuming some > compression), that would amount to 50 terabytes of data: A bit more than 4 > of the largest-capacity of hard drives currently sold. > > > https://www.wdc.com/products/internal-storage/wd-gold-enterprise-class-hard-drive.html?gclid=CjwKCAjwhqXbBRAREiwAucoo-yp9zBDxr1hrojtP7nXAw8Trmtx4-9N8m5DAecI3hqQeTEyGeHWYjBoCg_IQAvD_BwE > > Think about it. If YOU had access to this data, would YOU erase it, if the > storage only cost about $2000 per year? > > Jim Bell It's going to be about an order of magnitude more than that - not because of the size of the images, but because they're going to OCR and index all of it, but I'm sure they're already OCRing already, because automation. The images are pretty useless without it the indexing. But still - let's say that you're off by three orders of magnitude, and it costs $2m/year to store it, that's chump change for a very good surveillance system, and if you do network graphs and frequency analyses, etc, well, now you're cooking with gas. And, USPS might (or might not) destroy the data, but they don't mention whether or not they pass it all on the some TLA or other as well as passing on to LEO's on-demand. Wouldn't put it past them... Kurt
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On 08/07/2018 06:14 PM, juan wrote: > On Tue, 7 Aug 2018 17:49:54 -0700 > Mirimir wrote: > > >> >>> for other stuff...do you have to ask? What sort of system do you think >>> should be used for coordinating 'criminal' activity, instead of streaming >>> super full SHD video for retards? >> >> That's the question. > > And the answer is : some sort of 'high latency' mixing network. And > interestingly enough such a network doesn't seem to exist, although it seems > to me it would require less resources than something like tor. And nobody > seems to be worried about having or not having that kind of network, which > strikes me as odd... Well, as I'm sure you know, high-latency mix networks -- Cypherpunk and Mixmaster remailers.[0] -- predate Tor. That's how I used the original cypherpunks list, way back when. A few years ago, I played with them a little. I got QuickSilver Lite running in Wine.[1] Basically, all email goes to alt.anonymous.messages, you download everything, and then your client finds stuff that you can decrypt. Some resources were (are?) available as .onion services. I probably have notes somewhere, if you're interested. I'm not sure why that all died. It _was_ bloody complicated, even with QuickSilver Lite. Also very slow. And I can't imagine how it could have scaled. Although I suppose that some of the binary newsgroups did get pretty fucking huge. But anyway, overhead is a key problem with mix networks. Development of the Web was part of it, I'm sure. Although I recall seeing a crude hack that pulled stuff from alt.anonymous.messages, and massaged it into a web page. >> I guess that you say that there is none, and we >> should all just organize our local cells. > > What I was trying to say is that, if the use case is 'criminal > activity', then using a 'low latency' network like tor which provides > centralized 'hidden' services is a not a good idea. It's more like a recipe > for disaster. Well, if you exclude low-latency networks, you're pretty much left with nothing to use. But even so, people who want anonymity, some of them doing illegal stuff, _will_ end up using Tor. So why not help them use it more safely? 0) https://remailer.paranoici.org/clist.html 1) https://www.quicksilvermail.net/qslite/
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
Original message From: Mirimir Date: 8/7/18 5:49 PM (GMT-08:00) To: cypherpunks@lists.cpunks.org Subject: Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not On 08/07/2018 05:04 PM, juan wrote: > On Mon, 6 Aug 2018 14:21:12 -0700 > Mirimir wrote: > >https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html >Sad but true Pictures? The postal service admitted they have ways of scanning written mail content, en masse, quite some time ago. Rr >> On 08/06/2018 02:03 PM, juan wrote: >>> On Mon, 6 Aug 2018 13:36:18 -0700 >>> Mirimir wrote: >>> >>> I bet that you use nothing. I mean, damn, you're using a Gmail account. >>> >>> yes, and I use it to order drugs via tor - after all many 'hidden' >>> services admins use their gmail accounts. That's how they get caught. >> >> Very funny :) >> >> But OK, let's say that Tor is Americunt honeypot. I mean, I have my >> doubts. But actually, the main reason why I don't order drugs from >> .onion marketplaces is not wanting to disclose my postal address. That's >> what earned DPR his first visit from the feds, after all. Fake IDs. > > > as a side note of sorts > > https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html Sad but true. >> Anyway, Tor is out of consideration. What would you have people use for >> any sort of anonymity? JonDonym? I2P? Cruising public WiFi hotspots? > > > it obviously depends on what kind of 'anonimity'. Browse the web for > ordinary stuff while not being tracked by advertisers? a vpn. Or two. Or tor. lol > for other stuff...do you have to ask? What sort of system do you think > should be used for coordinating 'criminal' activity, instead of streaming > super full SHD video for retards? That's the question. I guess that you say that there is none, and we should all just organize our local cells. And maybe you're right. >> What? >> >> Or is it nothing? And if nothing, how useful is that? >> >> Or maybe you have some really cool thing, but you won't share it? >> So maybe living in Argentina is your only protection. Whatever. >>> >>> > >
Cryptocurrency: Critical Thinking re Decentral vs Rest
Ultimate Cheat Sheet for Critical Thinking https://i.redd.it/k5fyetg8ooe11.jpg
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On Tue, 7 Aug 2018 17:49:54 -0700 Mirimir wrote: > > > for other stuff...do you have to ask? What sort of system do you think > > should be used for coordinating 'criminal' activity, instead of streaming > > super full SHD video for retards? > > That's the question. And the answer is : some sort of 'high latency' mixing network. And interestingly enough such a network doesn't seem to exist, although it seems to me it would require less resources than something like tor. And nobody seems to be worried about having or not having that kind of network, which strikes me as odd... > I guess that you say that there is none, and we > should all just organize our local cells. What I was trying to say is that, if the use case is 'criminal activity', then using a 'low latency' network like tor which provides centralized 'hidden' services is a not a good idea. It's more like a recipe for disaster. > And maybe you're right. > > >> What? > >> > >> Or is it nothing? And if nothing, how useful is that? > >> > >> Or maybe you have some really cool thing, but you won't share it? > >> > So maybe living in Argentina is your only protection. Whatever. > > > >>> > >>> > > > >
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On 08/07/2018 05:04 PM, juan wrote: > On Mon, 6 Aug 2018 14:21:12 -0700 > Mirimir wrote: > >> On 08/06/2018 02:03 PM, juan wrote: >>> On Mon, 6 Aug 2018 13:36:18 -0700 >>> Mirimir wrote: >>> >>> I bet that you use nothing. I mean, damn, you're using a Gmail account. >>> >>> yes, and I use it to order drugs via tor - after all many 'hidden' >>> services admins use their gmail accounts. That's how they get caught. >> >> Very funny :) >> >> But OK, let's say that Tor is Americunt honeypot. I mean, I have my >> doubts. But actually, the main reason why I don't order drugs from >> .onion marketplaces is not wanting to disclose my postal address. That's >> what earned DPR his first visit from the feds, after all. Fake IDs. > > > as a side note of sorts > > https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html Sad but true. >> Anyway, Tor is out of consideration. What would you have people use for >> any sort of anonymity? JonDonym? I2P? Cruising public WiFi hotspots? > > > it obviously depends on what kind of 'anonimity'. Browse the web for > ordinary stuff while not being tracked by advertisers? a vpn. Or two. Or tor. lol > for other stuff...do you have to ask? What sort of system do you think > should be used for coordinating 'criminal' activity, instead of streaming > super full SHD video for retards? That's the question. I guess that you say that there is none, and we should all just organize our local cells. And maybe you're right. >> What? >> >> Or is it nothing? And if nothing, how useful is that? >> >> Or maybe you have some really cool thing, but you won't share it? >> So maybe living in Argentina is your only protection. Whatever. >>> >>> > >
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On Tuesday, August 7, 2018, 5:05:46 PM PDT, juan wrote: as a side note of sorts https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html × "But Mr. Donahoe said that the images had been used “a couple of times” by law enforcement to trace letters in criminal cases, including one involving ricin-laced letters sent to President Obama and Mayor Michael R. Bloomberg of New York. The images of letters and packages are generally stored for a week to 30 days and then destroyed, he told the A.P." [end of quote from article] About that article. I think it's curious that they claim to "destroy' the images after "a week to 30 days". If there are about 1 billion mailed items each year, and it takes 50 kilobytes to store an image (wild ass guess, and assuming some compression), that would amount to 50 terabytes of data: A bit more than 4 of the largest-capacity of hard drives currently sold. https://www.wdc.com/products/internal-storage/wd-gold-enterprise-class-hard-drive.html?gclid=CjwKCAjwhqXbBRAREiwAucoo-yp9zBDxr1hrojtP7nXAw8Trmtx4-9N8m5DAecI3hqQeTEyGeHWYjBoCg_IQAvD_BwE Think about it. If YOU had access to this data, would YOU erase it, if the storage only cost about $2000 per year? Jim Bell
Re: the tor scam - Re: AP deconstructed: Why it has not happened yet, and will not
On Mon, 6 Aug 2018 14:21:12 -0700 Mirimir wrote: > On 08/06/2018 02:03 PM, juan wrote: > > On Mon, 6 Aug 2018 13:36:18 -0700 > > Mirimir wrote: > > > > > >> I bet that you use nothing. I mean, damn, you're using a Gmail account. > > > > yes, and I use it to order drugs via tor - after all many 'hidden' > > services admins use their gmail accounts. That's how they get caught. > > Very funny :) > > But OK, let's say that Tor is Americunt honeypot. I mean, I have my > doubts. But actually, the main reason why I don't order drugs from > .onion marketplaces is not wanting to disclose my postal address. That's > what earned DPR his first visit from the feds, after all. Fake IDs. as a side note of sorts https://www.nytimes.com/2013/08/03/us/postal-service-confirms-photographing-all-us-mail.html > > Anyway, Tor is out of consideration. What would you have people use for > any sort of anonymity? JonDonym? I2P? Cruising public WiFi hotspots? it obviously depends on what kind of 'anonimity'. Browse the web for ordinary stuff while not being tracked by advertisers? a vpn. Or two. Or tor. for other stuff...do you have to ask? What sort of system do you think should be used for coordinating 'criminal' activity, instead of streaming super full SHD video for retards? > > What? > > Or is it nothing? And if nothing, how useful is that? > > Or maybe you have some really cool thing, but you won't share it? > > >> So maybe living in Argentina is your only protection. Whatever. > >> > >> > > > >
I ordered hand rolled libertard bullshit
Leave it to a right wing scumbag like ZeroHedge to write a lede like 'sends venezuelan military running their lives', HAHAHA YEAH! Like they did when they ran the CIA Contras out of the country, without assistance from any other government. Rr
Re: [Cryptography] threat models, was Krugman blockchain currency skepticism
On Mon, Aug 6, 2018 at 6:05 PM, John Levine wrote: > In article > , > grarpamp wrote: >> Cryptocurrency value moved every month is 30x paypal's and growing. >> Ten more years and those 200 million users will be on cryptocurrency. > > Paypal's current transaction volume is about $40 billion/month, > growing at a modest rate. Can you tell us where you get your number > of $1.2 trillion/month for cryptocurrencies? > https://www.statista.com/statistics/277841/paypals-total-payment-volume/ That should have been ~3x (2.7x) coming from just the BTC value volume moved, and ~385B$/mo for the entire cryptocurrency space, both using today's coinmarketcap rates. Paypal is also doing ~295 tx/s, which might just be eclipsed by even early iterations of below stress work with a single cryptocurrency (even more when summing the current capabilities of top 10 decentralized cryptos for example representing and carrying the market space for tx / tps)... https://stresstestbitcoin.cash/ ~25.6M tx/d will beat Paypal, with perhaps only 33% of that needed to make news waves. Paypal claims ~245M "active" users, or 3.2% of world pop, which smells a little fishy. BTC alone has ~55M utxo's, consolidated down into owned wallets at recent oppurtunity from peak of ~68M, some study estimates try taking that down further to approx body count. Cryptocurrency has no worries there either, and again, starts making waves before then. And Paypal has never made the world's daily syndicated TV and print news like cryptocurrency has. Regardless of which sources you choose, cryptocurrency is close at the heels of Paypal, already biting off chunks in some areas, including philosophical ones. Expect Paypal to be completely eclipsed by cryptocurrency in five years or less. >>> If an issuer doesn't redeem a bill >>> what recourse do you have other than to denounce him? >> Cryptocurrency... you either have the keys and value or you don't. > I don't want a wallet hash That's smart, because whoever told you you could spend such a construct is a fraud. > these were bills redeemable in real assets. > I want my kilo of platinum or whatever. > What's my recourse when the platinum doesn't show up? Precisely, such bills are a risk with variable recourse. "Bills of exchange by different issuers" The blockchain takes care of issues with "issuers" "bills" and reputation, you either have the confirmed spend or you don't, and you're stupid if you walk off before you do. And the market takes care what other "assets" one can get in "exchange" for the UTXO's you're about to spend. You're of course free to make and sign whatever other contracts / bills you want, call them private pegs / tethers if it makes you happy, and accept all their risks. This is basically arguing volatility again, and what cryptocurrency is saying, Neo, is that you won't need to. [1] Those who argue volatility against decentralized cryptocurrency shouldn't do so as what they're saying is they... - really want centralized regulated fiat equivalents - clearly don't get that *of course* by their very nature decentralized cryptocurrencies are *expected* to be "volatile" early on. This is an innate feature, not a bug. But hey while people are on the "volatility" tip, look at all the other *volatile* central regulated fiats out there both new and old... https://wikipedia.org/wiki/List_of_sovereign_states_by_date_of_formation https://wikipedia.org/wiki/List_of_currencies And lots of other reasons you might not want them... https://wikipedia.org/wiki/List_of_former_sovereign_states https://wikipedia.org/wiki/Timeline_of_historical_geopolitical_changes All that pegging, tethering, backing, and government guns people say gives [nonvolatile] value... doesn't seem to be doing a very good job of it. Perhaps it's time the world, and you, tries something truly different, for once, in like thousands of years, of not doing so, lol. It's out there, and could be in your wallet today, and spent in some equitable trade tomorrow. # other > Obviously, you can be cut off by governments, payment processors, > exchanges, [etc list of formal entities] Nowhere in those blurbs was the direct P2P functionality of decentralized cryptocurrencies mentioned... much harder to cut that off without nuking the underlying [sneaker] nets, the difficulty of that mentioned in another thread. > Reputation is entirely based upon non-repudiation, and liability (provably > having sufficient real assets to cover their outstanding balance). > Blockchain currency doesn't have either of those properties. Neither does fiat. Try and invent them on top of them if you want. > Manafort is also learning About decentralized cryptocurrencies, and the gold watch, along with the rest of the world's people. [bcc cypherpunks]
Re: [Cryptography] Krugman blockchain currency skepticism
On Mon, Aug 6, 2018 at 4:11 PM, Benjamin Kreuter wrote: > On Mon, 2018-08-06 at 14:11 +0800, jam...@echeque.com wrote: > As others have asked, what is the problem we want to solve? The > beginning of this thread was a proposal that the problem is that the > government might target an activist group's finances. Now it sounds > like you are talking about the government trying to attack the entire > payment system. That is indeed a valid problem. Among many others in many sectors and applications. >> A crypto currency needs to be centerless - it needs to able to >> survive the seizure of key servers by a hostile powerful party. True, a properly decentralized cryptocurrency has no such seizable / sueable servers. Decentralization is under attack in more ways than most people realize, not just by the purposeful noise deluge of junk / centralized coins, tokens, ico's... but also by very insidious methods. As an example... https://www.youtube.com/watch?v=UYHFrf5ci_g https://www.youtube.com/watch?v=0BZoKH-hX_o https://www.youtube.com/watch?v=tKYEQVPklLI https://www.youtube.com/results?search_query=bitcoin+censorship https://www.reddit.com/r/BitcoinMarkets/comments/6rxw7k/informative_btc_vs_bch_articles/dl8v4lp/ Whether you're a user, code / crypto developer, business, whatever... you need to understand these things and be able to spot them, call them out, and exchange and adopt away from them once they happen. In the cryptocurrency space, there is no birthright, let alone against treason, or any other lesser offense. A bit more from the series... https://www.youtube.com/watch?v=pOZaLbUUZUs https://www.youtube.com/watch?v=rgts1qb0hLY https://www.youtube.com/watch?v=yGrUOLsC9cw > Get back to me when the Internet itself cannot be shut down by the > government. For so long as free speech, encryption, and overlay networks exist, cryptocurrency and the internet cannot be shutdown. If you accept, either personally or as a populace, the shutting of your connection and or the disablement of your crypto, for mere agnostic tool use, and for no provable reason otherwise, then you're fucked. If the Four Hoursemen of the Infocalypse didn't do it already, then the only thing left is a bonafide threat to the existance of government itself... to its taxes collected by force. Once people worldwide start to figure out they can bypass the redundancy, inefficiency, non choice, war, etc of governments by moving their transactions onto the encrypted blockchain networks... that's the last game... you either sheeple out forever into a questionable existance, or make your stand. Don't be a sheeple.. https://www.youtube.com/results?search_query=banks+fear+bitcoin https://www.youtube.com/results?search_query=governments+fear+bitcoin [bcc cypherpunks]
Re: Cryptocurrency: Music
https://www.youtube.com/watch?v=k7PRaIYl0nE # Upside down https://www.youtube.com/watch?v=nAMRFDs9iOs # bch https://twitter.com/BitcoinCashFund https://www.yours.org/@singularity https://old.reddit.com/user/singularity87 https://www.yours.org/content/the-bitcoin-scaling-wars---part-1---the-dark-ages-d71e23cffbe7
Great bet for Forecast Foundation Ethereum/Augur betting system:
"Will this prediction be false?" Jim Bell
