Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - kmfkewm

Pages: 1 ... 80 81 [82] 83 84 ... 249
1216
Security / Re: Zerocoins
« on: April 27, 2013, 07:41 am »
Also , if I did make a centralized blind mix (which I probably wont as I imagine Zerocoin will become a standard), I would certainly not do it as kmfkewm. Nobody wants their project to be linked to international drug smuggling, and nobody wants to advertise their project to criminals. There is a bit of a disconnect between the communities that are widely adopting these programs and technologies , and the communities that are developing them (with a few exceptions, I2P and Bitcoin being the first that I think of). If PGP was advertised as a way for drug smugglers to secure their communications, it would not be good. And if the creator of RSA said that an implementation of it could be bugged, and then released the mathematical formulas behind it, it would be a big mistake to avoid using those formulas simply because of the fact that they could be used in a bugged implementation. At the core of the matter, what the Zerocoin guy said really should be obvious to anybody. Of course they can put a backdoor in for law enforcement. The second half of what he said is equally as true: of course if they put a backdoor in an open source project, nobody is going to use it. If they release the specification and it is good, but the code they release is backdoored, somebody will make Blindcoin , something that is identical to Zerocoin but without the backdoor.

I really do hope that it is widely added to Bitcoin clients, of course providing that they have managed to create a cryptographically secure design. If their design is good and it is not integrated into all of the major Bitcoin clients, I will be really disappointed, and the Bitcoin developers community will have pissed away an opportunity to actually add strong anonymity to Bitcoin, something that it is currently lacking in and which needs to be glued onto it via third party services. Actually integrating that anonymity into the base protocol would be great for everybody, and a huge victory for us especially (although don't count on any of the people trying to get it implemented to mention this last point).

1217
Security / Re: Zerocoins
« on: April 27, 2013, 07:32 am »
What they really should have said is that Zerocoin can be used by law enforcement and intelligence agents to pay for information from informants, and that they would never backdoor it because doing so could compromise the law enforcement users.

1218
Security / Re: Zerocoins
« on: April 27, 2013, 07:26 am »
Quote
See, people can carp about how "privacy" isn't the same as "anonymity" as much as they like. The fact of the matter is that this is utter bullshit, because actually that sort of logic applies exclusively to the non-digital world. In the digital world privacy and anonymity are the same thing, the entire thing is a semantic argument. Nobody with two braincells to rub together deliberately chooses an inferior product so *some* higher-ups can break it! It's like a reverse version of Godwin's Law but for cryptography, good cryptography drives out the bad (albeit with the major caveat I mentioned about political/social capital and business sense).

Privacy protects the content of your communications, anonymity protects your identity. If you use Tor to clearnet you maintain your anonymity, but your privacy can be compromised by the exit node.

1219
Security / Re: Zerocoins
« on: April 27, 2013, 07:20 am »
Quote
It's funny in the non-funny way, because Green has effectively just completely blown the exact kind of credibility he needs to make this work. We are his stakeholders. In fact we're the perfect stakeholders. Since he's referred to LE agents, he's blown it. Sorry. You'll probably only get the one chance. It really puts a handful of nails on the road when you suck the dick of the exact people the stakeholders want to avoid by use of your tech. It's parallel to releasing a superior version of Bittorrent, and saying you can always install a backdoor for the RIAA. Suddenly filesharers everywhere, including those who aren't sharing illegal files are thinking: "Huh. How about no."

There is only one way to recover from this situation, and it's going to be difficult. My duck-bill intuition tells me that people reading this thread may be either associated with the article or the inventors of the Zerocoin protocol, so here goes:

You need people like Bruce Schneider and Roger Dingledine to review your code and design. A dozen PhD people are not going to help you, for all we know they are shills. You need people who are ideological about security, people with an actual spine, and that means hackers. That's it.

The thing you need to keep in mind is that people in these researchers positions need to keep up appearances. It is against their interests to say that their software should be used for circumventing law enforcement. He shouldn't need any credibility to make this work, because if the math and design are sound and the code is open source, then he can be a DEA agent himself for all it matters. Some academic researcher is not likely to come out and say that they have just invented the most secure money laundering system in the world. Bitcoin is a bit of an exception, it was designed by an anonymous person with strong ties to anarchist ideology. I2P is another exception for the same reason. Freenet was not made by a pseudonymous person, and Tor is primarily maintained by a group of academic researchers. The Tor and Freenet people stress that their software has uses for people in totalitarian countries, to bypass government censorship, etc. Look at the list of people who use Tor from the Tor project for Christs sake, Law Enforcement in sting operations, the military, etc. They sure don't say Tor is used by pedophiles and drug dealers! Freenet points out that it is used primarily by people trying to get around government censorship, whistleblowers etc. They don't say that it is the biggest cache of child pornography in the world. On the other hand I2P folks say that their network is for Anarchists and militants, and Bitcoin, especially before it started becoming mainstream, was openly discussed as an anarchist revolution against the state.

The Zerocoin researchers are obviously in a precarious situation. It is obvious that the main use of their system is for criminal financial activity. Freenet can say it is to avoid censorship, Tor can say it is to avoid censorship, hell even Bitcoin can say it is just an alternative currency. But a blind mixes sole purpose is criminal money transfer / money laundering. But I also agree with you that they should have handled it a bit better. They should have said it is a system to keep finances private etc etc, without mentioning the possibility of a backdoor for the police. However it also appears that they mentioned a backdoor will not be realistically possible in an open source project. Who wants to be the known university researcher who designed the biggest money laundering system in the world? Hell, for all they know they could be charged with conspiracy or something, so it is all about appearances. I guess I just can understand where they are coming from in trying to down play the threat of their system to the police and intelligence agencies.

PS: Dingledine has a Ph.D , not sure about Schneier but he probably does as well.

1220
Security / Re: Zerocoins
« on: April 27, 2013, 02:19 am »
Which is actually somewhat unfortunate for me because I had plans to implement a traditional centralized blind mix and charge a fee for its use :P. Way to advance the entire field out from under my feet , assholes ;).

1221
Security / Re: Zerocoins
« on: April 27, 2013, 02:13 am »
Zerocoin, assuming it is a cryptographically secure decentralized blind mix, would have really big implications if it is merged into Bitcoin. Even blind mixes are weak to traffic analysis attacks, but if ALL bitcoins are automatically mixed, the risk of traffic analysis being used to link users will be lower than for any other currency system out there. Volume of coins mixed and number of users is what protects a blind mix from traffic analysis, and you couldn't dream of a better crowd size than all of the bitcoin users and all of the bitcoins. The only blind mix I have heard of being implemented and used in the past was Ecache (I seem to recall it was blind) for Pecunix, which was centralized, weak to seizure, and had a tiny user base as well as fairly small amounts of currency going through it.

I have never really thought of Bitcoin as an anonymous currency, despite the way the media reported on it. Rather , I thought of it as being a currency resistant to censorship (because it is distributed and not owned by any single company), and resistant to seizure (because the keys that control it can be encrypted, and even stored entirely in a users memory with braincoin). I definitely see the potential for a system like zerocoin to add "actually extremely anonymous" to the list of characteristics of bitcoin.

1222
Security / Re: Zerocoins
« on: April 27, 2013, 02:06 am »
Traditional blind mixes are based off of blind cryptographic signatures. These algorithms allow someone to sign something that is blinded, and the person who receives the blind signed item to unblind it. The signer does not know what the thing they signed will look like when it is unblinded, but they can verify that they have signed it. This can be used in several different ways to create a blind mix. 

https://en.wikipedia.org/wiki/Blind_signature

Quote
An often-used analogy to the cryptographic blind signature is the physical act of enclosing a ballot in a special carbon paper lined envelope. The ballot can be marked through the envelope by the carbon paper. It is then sealed by the voter and handed to an official which signs the envelope. Once signed, the package can be given back to the voter, who transfers the now signed ballot to a new unmarked normal envelope. Thus, the signer does not view the message content, but a third party can later verify the signature and know that the signature is valid within the limitations of the underlying signature scheme.

Blind signatures can also be used to provide unlinkability, which prevents the signer from linking the blinded message it signs to a later un-blinded version that it may be called upon to verify. In this case, the signer's response is first "un-blinded" prior to verification in such a way that the signature remains valid for the un-blinded message. This can be useful in schemes where anonymity is required.

This explains one implementation of blind mixing, although I think it is not a particularly interesting one. The most interesting implementations allow Alice to obtain blind tokens that can be used for paying anybody, without Bob first needing to get a 'deposit slip' to give to Alice. I don't know if this is what Zerocoin is based on, but blind signature schemes like this are what all of the traditional blind mixes are based on.

https://en.wikipedia.org/wiki/Anonymous_Internet_banking
Quote
Anonymous internet banking depends on the mathematics of public key cryptography and blind signature algorithms. In this simple example we have Alice and Bob and a banker. The banker generates an RSA public key with modulus n= P Q, where P and Q are large primes, making n a semiprime. As described in RSA operation, the bank also generates public key exponent e and private key exponent d.

Bob asks the banker for a $100 deposit slip in anticipation of Alice wanting to transfer money to him. To generate a deposit slip the bank selects a large, globally unique random number R and encrypts it using the bank's public key; this means that it can only be decrypted with the bank's secret key:

R' = R^e mod n

This encrypted value R' is sent to Bob with the promise to deposit $100 into his account when Bob sends the value R back to the bank. The bank is confident that Bob won't be able to break RSA to generate R from R' within the heat death of the universe without knowledge of d, so it does not worry about handing out the deposit slips without receiving anything from Bob.

When Alice wants to pay Bob $100 she asks for the deposit slip and Bob sends her R'. Alice selects a large random value w coprime with n (so as to have an inverse modulo n) and uses it to blind R''=w^e*R' and sends it to the bank to be blind signed. The Bank charges Alice $100 for this operation and returns the blind signed value R'''. Due to the symmetric properties of RSA, this provides her with R:

R'''  = (w^e*R')^d  mod n = (w^e*R^e)^d  mod n = (w*R)^ed mod n = w * R mod n

Because of the blinding process, the Bank is not able to associate R'' or R''' with R' or R. The only possible way for the bank to do this is to trial divide R'' by all the values of R' that it gave out or R''' by all values of R. This means is unable to determine that Bob and Alice are doing business together, preserving the anonymity of the transaction. Alice unblinds R''' (by dividing it by w) to generate the original value R, which she sends to Bob. Bob verifies that R can be encrypted with the bank's public key by computing R' = R^e mod n, which means that Alice has deposited $100 into the bank. Bob then sends this value to the bank and the bank checks its records to be sure that R has not been already used. If it has not, it deposits $100 into his account and updates its database that the unique value R has been redeemed.

Different public keys can be used for different denominations of currency so this system doesn't take appreciably longer for large transactions.

Note that if neither Alice nor Bob wishes the bank to know that they performed a transaction with each other, then it is hard for the bank to find out. However, in order to ensure this is the case many people need to be making transactions at the same time. Otherwise the bank can figure it out by the timing of the transactions, using traffic analysis.

1223
Security / Re: Zerocoins
« on: April 27, 2013, 01:32 am »
Actually this article deals with the back-door thing quite well http://beforeitsnews.com/alternative/2013/03/bitcoin-privacy-extension-to-have-back-door-for-government-snooping-2602114.html

The reality is a back door is entirely speculative, and impossible to add in with us knowing. I think he just said that because some of his team didn't feel comfortable with possibly facilitating crime (one of them apparently was hesitant about working on it, I read in one of the aforementioned articles).

That is definitely the impression I get as well.

1224
Security / Re: Zerocoins
« on: April 27, 2013, 01:21 am »
I'm too lazy to actually sift through this protocol change proposal... but I don't see how it's possible to do this.  I mean possible at all: the whole idea behind Bitcoin is that the entire transaction history is available for public verification in the blockchain.  Every transaction ever made.  Remove that, and you're trusting a central authority to keep their records straight: that places all the power in their hands, and that's one of the things Bitcoin is specifically designed to avoid.

Again, I haven't looked at the specification or anything, but I don't see how it could possibly work.

I also have not read the specification, but it is apparent that they have created a distributed blind mix, probably based on similar principles to Bitcoin itself. The technical details of how they managed to securely distribute the blind mixing will be very interesting as I do not believe anyone has ever made a distributed blind mix before. However it is certainly not that far fetched sounding. There are already algorithms for centralized semi-trusted blind mixes. The current systems allow for perfect unlinkability of coins (or any other currency token of any sort) passing through the blind mix, even the operator of the blind mix can not link people depositing coins into the mix to people withdrawing coins from it. Essentially Alice sends bitcoins to the blind mix and gets blinded cryptographic tokens, she can then send those blinded cryptographic tokens to Bob, who can send them to the blind mix and withdraw the coins Alice has deposited. There are at least a dozen cryptographically sound systems for doing this, and they have existed (mostly as mathematical formulas in theoretic whitepapers) for decades.

A traditional non-blind mix needs to be fully trusted because the coin value going into and out of the mix can be linked by the operator of the mix, but not by a passive observer (in this case someone looking at the block chain). Blind mixing only requires a semi-trusted mix operator because even the mix operator cannot link the coin value going into and out of a blind mix, nor can a passive adversary. However, traditionally the operator of the blind mix can still steal all of the coins they hold. I have not read the technical specification for Zerocoin yet, but they claim to have taken the concept of blind mixing a step further, creating a fully untrusted blind mixing *network*, that has the same unlinkability properties as a traditional centralized blind mix, in addition to protecting from the mix operator(s) stealing the coins they hold. It is a giant step forward for anonymous cryptocurrency if they have really managed to do it, on the same level of a technological achievement as Bitcoin itself imo. It will be interesting to see how they did it. 

1225
Hell I almost prefer the conservative approach of sending people to jail for drug charges versus the liberal approach of sending people to in patient rehab. In patient rehab is like prison but even worse because it is a reeducation prison. Instead of playing cards all day passing the time, you will be subjected to a bombardment of bullshit at all times. First of all you should realize that the number one so called "medicine" used by these so called "addiction specialists" to so called "cure" so called "addiction" is a whopping dose of The Holy Bible. No joke. NA / AA methodology is very commonly used. So pretty much you will be arrested with some marijuana and thanks to good old Obama fighting for us you will not go to prison, but instead you will go to a so called "treatment center" which looks suspiciously like a prison, and has locks, and CCTV, and guards, etc. During your several month stay, in which you will be treated of your "marijuana addiction" (which means you used marijuana once in your life), you will take several classes every day.

Your first class will probably consist of "drug education" in which you learn all about how marijuana puts holes in your brain, is highly addictive and leads to all sorts of crime. After learning The Truth About Drugs (tm), you will probably then go to a self help group! After starting off with the serenity prayer, you will be told that you are completely helpless at stopping your marijuana use, despite all of the horrible things it has done to you (like get you sent to the not-a-prison locked down "treatment center"). But there is good news! You see, Jesus loves you just as much as he hates drugs, and if you turn your life over to him he can totally help you get over your marijuana addiction! After ending this class with the Lords Prayer, you will probably go to your next class of the day, Moral Thinking (tm). Here you may role play various things, such as calling the police when you see people using drugs (because after all, their marijuana use might end up with someone dead, if they drive while high, do you really want to take that risk?!). Your next class might be Positive Behavior Learning (TM). Here you might brainstorm fun things you can do besides be a hopeless marijuana junkie, maybe you can exercise instead (or better yet go to church!). Next you might go to a lecture, and hear about how every drug user who you *think* is your friend is really just using you, a total negative influence on you, and you should totally never communicate with them again when you are released because they are just demon marijuana addicts who are going to push the devils herb on you. The truth is, you don't have any friends at all! Maybe you should brainstorm some ways to make new friends when you are released, a good suggestion is by meeting people at Church! Finally you will end up at Snitch On Everybody Class (TM), where you will be encouraged to report on the progress of everybody else, and let the Guards (who love you almost as much as Jesus does!) know if anyone has been saying anything that indicates they might use again when they are released! That is a big no no!

Do you disagree with anything that they say to you? WRONG. They are "Addiction Specialists" (tm) and went to school to get a fucking degree you stupid junkie! You better agree with them, or they are going to tell the judge that you are still a hopeless addict and then you might fail rehab and go to jail after all! So put on a smile, say you have found the Good Lord, drugs ruined your life and you didn't even know it (probably because you were too high to see!), and pretend like you have taken a big gulp of the kool aid. Make sure to never let on that you think it is a crock of shit, or else one of the group members who has seen the light will "help you" in Snitch On Everybody Class (TM).

You will go through this for about as long as you would have spent in jail playing cards! Thanks Liberals, you guys are so unlike the mean old conservatives, you really care about people!

1226
I agree, all this Atlantis hype when SR is under attack is highly suspicious..... If you want to praise Atlantis go do it on their forums..... oh wait, they probably don't have one.

I don't give 2 shits and a fuck about Atlantis.... even if SR only works for 5 minutes a day,  I'll continue to support it over the competition.

If I was DPR I'd delete every forum member hyping Atlantis, along with any SR account that has matching username. I'd also lock new user registration on the forums for a few weeks as well.

This is the SR forum, you should only be aloud to talk about SR.

I do appreciate that SR lets the competition discuss themselves somewhat here. I think that is good. But I think that this Atlantis spam has gotten beyond annoying. Make a single thread about it and shut the fuck up everywhere else already. Nobody really cares about Atlantis.

PS: If Atlantis is so much more leet at security than SR  , why did I have to tell them to disable hotlinked images on their forum 0_0.

1227
Well although initially I was neutral in regard to Atlantis, I now am very sick of seeing people claiming to be them spamming the shit out of this forum. I don't jump to conclusions, it is quite possible that the feds are trying to turn us against each other by framing Atlantis, in an attempt to cause general discord. However, if this is the case, they have succeeded in my case, as I start to really think Atlantis is likely a scam, provided they are truly responsible for the DDoS and the massive spamming of their site here. It is really admirable that DPR even allowed them to post links to their site here a few times, he honestly does not strike me as a ruthlessly competitive person. Hell, he even gave OVDB an entire sub forum here for a while. But the Atlantis supporters are really wearing out their welcome imo, because we do not need to see in a hundred different threads information about their shit. That is spamming. People who spam tend to be scammers it seems to me. I wonder if they are going to run away with the escrow?

As far as the code of SR, why don't you post some of it since you know it is so shitty? Oh, you cannot post it because PHP is fucking server side code you retard. Did you hack into the SR server and do a security audit on their code? All you can see is the HTML that it outputs. The same goes for Atlantis. You cannot see their code unless you have access to their server. Additionally, it doesn't really matter a whole whole lot how secure the rendezvous server between vendors and customers is. As always, security is up to those who want it, it can not possibly be outsourced in a secure fashion, especially not outsourced to anonymous characters doing illegal things on the onion net. Admittedly, Atlantis has a few innovative features, I like the idea of automatic GPG encryption of messages to the vendors key, provided the messages are not encrypted already. That is admittedly a bit more secure than what SR is doing, however it would be utterly foolish to rely on it, and as always, security should be managed by the people who need it, not outsourced to potentially malicious third parties.

As far as DDoS being impossible over Tor, this has already been covered extensively in some of the other threads these idiots have been making. DDoS over Tor is possible. If you don't believe me you could ask the Tor developers, but OZfreelancer already did and posted their response saying that DDoS is possible. Not only is it possible in the specific way that they mentioned, which is HS specific, but they are also weak to an assortment of traditional DoS and DDoS attacks. So the people claiming that DDoS over Tor is not possible are talking out of their asses, most certainly.

They have either penetrated SR and Atlantis to get copies of the code, or they are lying about having compared the quality.
They are overstating the importance of having a secure server, as far as vendors and customers should be concerned.
They are lying about the ability to carry out DDoS attacks over Tor.
They are spamming this forum with Atlantis bullshit that everybody is sick of hearing, despite DPR being kind enough to allow them to do it ever at all

So either they are affiliated with Atlantis, and Atlantis should never be trusted, or they are not affiliated with Atlantis and are trying to cause a problem between the established community and the emerging community, which is a technique that would indeed be utilized by the feds, or could even be bored trolls.

1228
Newbie discussion / Re: SR mentioned in Australian court
« on: April 25, 2013, 11:14 am »
99.99% chance the investigation into him started with an intercepted package

1229
This is to be expected and is nothing to be very excited about. It is merely changing who profits from our enslavement, to the friends of liberals (rehabilitation facilities, drug counselors, etc) rather than the friends of conservatives (prison industry). You need to understand what they are really saying, and look past the deceitful way in which it is presented. Instead of a small time drug offender going to jail for a few months, they may instead go to an in patient "treatment facility" for a few months. Instead of sitting in a cell being bored for the duration of their incarceration, they will instead be sitting in a group holding area being intensely bombarded with the same boring propaganda as always. For the smallest offenders nothing really new will happen. Instead of being arrested, sent to court and then put on probation and forced to pay for it, they will be arrested, sent to court and then sentenced to take a bunch of out patient "treatment" (propaganda) courses that they need to pay for. They will be forced to fund the social scientist propaganda regurgitation machines that tend to be very traditional statist-liberals, and supporters of the democrat political party. For dealers nothing will change, they will still be sent to prison, but they may be sent to prisons that have a focus on "treatment" (ie: propaganda taught by liberal social scientists) rather than on traditional simple holding of prisoners.

It is nothing surprising at all. Conservatives claim that we are heathens and criminals, and then they enslave us for the profit of their friends in the prison industry, claiming to be helping protect society from immoral criminals. Liberals claim that we are sick, and then they enslave us for the profit of their friends in social sciences, claiming to be helping to treat us. Only a small percentage of the people who go to drug treatment programs do so willingly, and a large percentage of them do not really have drug abuse problems. Remember, as far as the government is concerned, any recreational drug use is equal to drug abuse. You need to understand the weasel words that they use to really understand what they are saying, if you mirror image and assume that you are both coming from the same page, you will only cheer as our masters change hands. I will cheer when the slaves are freed, I do not care so much who is currently profiting off of our enslavement, or if the slave traders claim they are helping society by enslaving us or helping us by enslaving us.

1230
I think driving skills are impaired when people are stoned, but not to anywhere near the same extent as they are when they are drunk. I hate being in a car with a driver who has been drinking, and avoid it as much as possible. On the other hand, I don't feel very much at risk if I am in a car with a driver who is stoned. Personally I never drive drunk, but driving stoned doesn't feel as dangerous to me, especially if I am not baked out of my mind.

Pages: 1 ... 80 81 [82] 83 84 ... 249