On Sunday 03 August 2008 03:34, Hierophant wrote: > --- toad at amphibian.dyndns.org wrote: > > > From: Matthew Toseland <toad at amphibian.dyndns.org> > > To: support at freenetproject.org, hierophant at hell.com > > Cc: Steve Topletz <sales at xerobank.com> > > Subject: Re: [freenet-support] (no subject) > > Date: Sat, 2 Aug 2008 21:08:20 +0100 > > > > <snip> > > > > Cool. However I would point out that there is an entire industry > > dedicated to reversing money anonymisation schemes. > > Yes, I'm aware of the eGold mess et alia.
eGold mess? Not aware of that one... > The anonymity of my payments to XeroBank via Dalpay is vulnerable to attacks on either and/or their relationship. Although I do trust Dalpay based on what I've read about their mission <http://www.dalpay.com/pages/privacy.html>, they are in Iceland, and so are relatively vulnerable to governmental pressure. OTOH, Iceland did grant asylum to Bobby Fischer [;-) > > But even if my anonymity at Dalpay is compromised, that yields only my XeroBank payment account number. According to XeroBank, that doesn't reveal my XeroBank access account number (and vice versa). Of course, I'm pretty sure that XeroBank could correlate the two accounts, especially if I paid Dalpay via XeroBank's VPN (which I don't). > > So, if Dalpay betrays me, I'm left trusting XeroBank. It's problematic that we have no clue who's behind XeroBank. That's part of XeroBank's security/privacy model. Basically, I've decided to trust Steve Topletz, and to trust that he wouldn't be part of XeroBank if it were evil, or clueless and vulnerable. > > I trust Steve based on what I've read by and about him. He has an apparently-impeccable reputation re cDc, Hacktivismo, Tor and so on. Given his long association with security experts and privacy advocates, it's arguable that he would have been outed long ago if he were working with the FBI, NSA, KGB or whatever. Although Tor started as a US Naval Research Laboratory project, it's totally open source now, and so any back doors would arguably have been discovered. Perhaps one could hide code in other code via encryption and steganography, but that seems unlikely. Yeah, government/corporate involvement in such things can often be entertaining and surprising. :) > > Anyway, I welcome any and all comments. > > Hierophant > hierophant at hell.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20080804/7667d368/attachment.pgp>
