Slashdot Mirror
Researchers Discover Flaws in Digital Currency Monero That Could Reveal Identity of Users (wired.com)
Researchers have discovered flaws in Monero, a digital currency that boasts a high degree of anonymity, that could lead to the identification of users. From a report: Monero is designed to mix up any given Monero "coin" with other payments, so that anyone scouring Monero's blockchain can't link it to any particular identity or previous transaction from the same source. But in a recent paper, a team of researchers from a broad collection of institutions -- including Princeton, Carnegie Mellon, Boston University, MIT, and the University of Illinois at Urbana-Champaign -- point to flaws in that mixing that make it possible to nonetheless extract individual transactions.
That shouldn't just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero's blockchain for years to come, visible for any snoop that cares to look.
That shouldn't just worry anyone trying to stealthily spend Monero today. It also means evidence of earlier not-quite-untraceable payments remain carved into Monero's blockchain for years to come, visible for any snoop that cares to look.
Gotta get 'em all! This is the best scam ever!
one more time, suckers!
Are soon parted... /s
There is a reason there is FDIC insurance in the US...
Anyone who's surprised by this isn't suspicious enough of the idea that a currency built on a permanent public ledger of transactions could possibly be anonymous.
If so-called cryptocurrencies are really good innovation, why they attract so many criminals/criminal activity?
Could it really be because, all cryptocurrencies themselves are scams, and that is why they attract all kinds of criminals/criminal activity?
If so-called cryptocurrencies are really currency, why no company/store can use Bitcoin as currency anymore?
Because the price of Bitcoin proved to be extremely unstable to use as a currency?
Would the result be different, if Bitcoin replaced by any other "cryptocurrency"?
Aren't all work the same way?
Or, they are not actually virtual currency but virtual investment?
But, if they are actually investment, why we need/want them?
What would happen to world economy, if people invested in virtual investments, instead of real investments?
Or, all so-called cryptocurrencies are actually just a modified Ponzi Schemes?
(Price of cryptocurrencies would keep increasing in the long term (by their design), so it is equivalent of paying variable interest to all long term investors.)
As more and more people invest in cryptocurrencies, it will become harder and harder to ban their trading everywhere!
All cryptocurrencies need to be banned globally before it is too late!
The price of Dogecoin is extremely stable.
From day one, one Dogecoin has always been equal to one Dogecoin.
#DeleteFacebook
"spend monero" hahahahha. kryptokurrency.
Monero has several functions to create anonymity, each one on it's own doesn't do it but combined there is a nice proof that they do. Every 6 months some idiot points out that one of the functions can be beaten. It's so common I'm not even going to bother reading the paper this time.
It wouldn't matter if they WERE the best and brightest. If you study cryptography you learn about famous cryptographers such as Polybius, Trithemius, VigenÃre, Stager, Scherbius, Rivest, and Schneier. These are the best cryptographers the world has ever seen. They all have own thing in common - their creations have all been hacked, broken.
A fundamental law is that it is easier to break something than to make that thing. Physicists call this "maximum entropy" - things naturally tend away from order and structure, things break more easily than they are made. Any cipher, any encryption, which can be made by people can broken by people.
In cryptography, as in crime, one side has an almost insurmountable advantage. The cryptographer can come up with huge, complex systems with many parts. The cryptanalyst needs only find a single flaw, a single shortcoming or shortcut, anywhere in the system. Cryptonanalysists will amost always beat cryptographers for the same reason a determined police force will almost always find their murderer if they try hard enough - the murderer has to do everything perfect to get with it, the police only need to find that one stray hair, with its DNA, or one drop of blood under the carpet, to prove their case.
Monero has several functions to create anonymity, each one on it's own doesn't do it but combined there is a nice proof that they do. Every 6 months some idiot points out that one of the functions can be beaten. It's so common I'm not even going to bother reading the paper this time.
You're likely correct.
There's a lot of pressure being put into killing cryptocurrencies by governments because a method of exchange they don't control means they can't use currency and banks to suppress otherwise-legal activities they do not like for purely political reasons.
For example, "Operation Choke Point" is government threatening banks with audits and endless investigations if they do not refuse to do business with or handle transactions for certain businesses like medical marijuana dispensaries, strip/topless dancer clubs, adult book stores/sex-toy stores, and now including firearm makers, firearm retail stores, and their customers. The government is also contemplating using the same strategy to financially strangle political organizations, publications, websites, and news services that oppose increasing government power and scope.
CitiGroup has just announced they will no longer handle any type of financial transactions by either businesses or individuals that involve the totally legal buying and selling of certain firearms like AR15s and accessories like "high capacity magazines", whatever that means, or the selling of any firearms to those under 21 who are legally allowed to purchase a firearm.
In this way the government can side-step and bypass the BoR/civil rights by employing a third-party.
s/ Hmm, "third party doctrine"...sounds familiar, where did I hear that? /s
As a result, the firearms industry is now contemplating moving to cryptocurrency to bypass the financial blockade.
As more and more perfectly legal businesses, political organizations, websites, and publications that government/politicians dislike are forced to move to cryptocurrencies, this method of digital wealth exchange may become quite stable and commonplace in the future.
So, government and financial institutions are conspiring together to negate the BoR. There's a term for that sort of relationship between government and the private-sector.
Fascism.
Now just because something is permanently recorded in a ledger doesn't automatically prevent it from being anonymous. Take this Slashdot post for example.
https://getmonero.org/2017/04/... FYI: the link is more than a year old.
#Dunce
This is mostly researchers rehashing (pardon the pun) the 0-mixin problem that Monero used to have. As for their comment on the sampling size - this is already being addressed and adjusted. They even say in their conclusion:
"A report from Monero Research Labs cited the difficulty of frequently tuning parameters based on data collection (especially since the data collection mechanism itself becomes a potential target for an attacker hoping to alter the parameters) [16]. Fortunately, we provide preliminary evidence that the distribution of “spendtimes” changes very little over time. Hence we recommend a sampling procedure based on a model of spending times derived from blockchain data, as discussed in Section 6.1."
This isn't really news to the people that are versed in Monero...the effect it actually has on your anonymity set going forward is negligible and the Monero Community is constantly looking for ways to raise the mixins while keeping the blocksize manageable.
Which amendment in the Bill of Rights says a company doesn't have the right to refuse to service another company?
It's the one right next to the amendment allowing the government to strong-arm and blackmail financial institutions with threats of endless investigations by government regulators into refusing to allow legal businesses to perform legal commercial transactions with law-abiding citizens for purely political reasons.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
> If they have been used correctly, such as the way ssl does PFS, wherein the keys used at the time are only ever used once then forgotten, it becomes impossible to glean any record of past transactions
SSL PFS has in fact been broken. Over 80% of web servers used group 1, most SSL VPNs used group 2, and all of the others used group 3 or 5. We know for sure group 1 was publicly factored, allowing the (backward) decryption of most web SSL. There is evidence that NSA factored group 2, allowing them to decrypt most SSL VPN sessions.
Your very example of what can't be broken was broken, three years ago.
That's a Feature !
All Crypto is monitored by various nation states... they might not know what you are doing at first but a lot of attention draws all arrows to you as a 'person of interest.'
Stay Legal ! :-)